lark-attendance
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses emphatic markers such as "CRITICAL" and "MUST" to direct the agent to read a prerequisite configuration file (
../lark-shared/SKILL.md). These are functional instructions for environment setup and do not attempt to bypass safety filters or manipulate the agent's core behavior. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from the Lark API via
user_tasks.query. Ingestion point:user_tasks.queryin SKILL.md. Boundary markers: absent. Capability inventory:lark-cliin SKILL.md. Sanitization: absent. The risk is assessed as safe given the source is a managed enterprise service. - [COMMAND_EXECUTION]: The skill utilizes the
lark-clicommand-line tool. This is a vendor-specific resource from larksuite and its use is limited to querying official attendance APIs as described in the skill's purpose.
Audit Metadata