lark-okr
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the lark-cli binary to interact with the Lark Suite API, facilitating the retrieval and modification of OKR data through authenticated commands.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes user-provided rich text in OKR fields.
  1. Ingestion points: Content and notes fields in Objective and KeyResult entities as described in lark-okr-entities.md.
  2. Boundary markers: The documentation does not specify the use of delimiters or warnings to isolate processed OKR data from the agent's instructions.
  3. Capability inventory: The skill can read, create, update, and delete OKR data using lark-cli.
  4. Sanitization: No explicit content sanitization or validation routines are identified for the processed text data.
Audit Metadata