lark-approval
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, credential exfiltration, or unauthorized persistence mechanisms were detected in the skill instructions.
- [COMMAND_EXECUTION]: The skill utilizes lark-cli to perform operations against the Lark API. This is a vendor-provided tool consistent with the skill's purpose for interacting with Lark services.
- [DATA_EXPOSURE]: No hardcoded secrets, API keys, or access to sensitive filesystem locations (e.g., ~/.ssh, ~/.aws) were found. Authentication is handled via a shared configuration referenced in the instructions.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external approval task data and possesses write capabilities (approve/reject).
  - Ingestion points: instances.get, tasks.query (SKILL.md)
  - Boundary markers: None specified in this file
  - Capability inventory: lark-cli approval tasks [approve|reject|transfer], lark-cli approval instances [cancel|cc] (SKILL.md)
  - Sanitization: No explicit sanitization or validation of the retrieved task content is mentioned.
Audit Metadata