skills/larksuite/cli/lark-doc/Gen Agent Trust Hub

lark-doc

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes system-native utilities for clipboard operations. Specifically, +media-insert uses osascript on macOS, PowerShell on Windows, and standard tools like xclip, wl-paste, or xsel on Linux to handle image data directly from the system clipboard. These are legitimate dependencies for the functionality described.
  • [DATA_EXPOSURE]: The skill interacts with the local file system through +media-download and +media-preview, which save document assets (images, files) to user-specified paths. It also reads from the system clipboard via +media-insert --from-clipboard. These operations are transparently documented and triggered by explicit user requests.
  • [INDIRECT_PROMPT_INJECTION]: As the skill fetches and processes content from external Lark documents via +fetch, there is an inherent surface for indirect prompt injection. However, the skill mitigates this by using structured XML/Markdown formats, implementing a 'Code-Act Loop' for verification, and providing clear instructions for the agent to maintain block-level fidelity and avoid executing embedded instructions as commands.
  • [SAFE]: The skill includes robust safety guidelines, such as requiring user confirmation before transferring document ownership and warning about the risks of the overwrite command, which could lead to data loss.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 02:59 AM