feishu-doc
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | NO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified in the skill's documented behavior.
  - Ingestion points: The skill fetches content from external Feishu/Lark sources (Wiki, Docs, Sheets, Bitable) via the 'read' action.
  - Boundary markers: No delimiters or safety instructions are specified to separate external content from system instructions.
  - Capability inventory: The skill possesses extensive write capabilities, including creating, overwriting, appending content, and managing blocks.
  - Sanitization: Documentation does not mention sanitization or validation of the fetched data.
- [COMMAND_EXECUTION]: The documentation specifies using 'node index.js' to run the skill, which involves executing local JavaScript.
- [NO_CODE]: No executable source code (e.g., 'index.js') or dependency manifests (e.g., 'package.json') were provided for analysis.
Audit Metadata