skills/larksuite/cli/lark-okr/Gen Agent Trust Hub

lark-okr

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes user-controlled OKR content (Objectives, Key Results, Notes) which may contain malicious instructions.
  • Ingestion points: External data enters the agent context through tools such as okr +cycle-detail and objectives.get defined in SKILL.md and its references.
  • Capability inventory: The skill has the capability to modify and delete OKR data via the lark-cli okr interface (e.g., objectives.delete, key_results.patch).
  • Boundary markers: The instructions do not define any delimiters or system prompts to isolate the user-provided OKR content from the agent's operational instructions.
  • Sanitization: No validation, filtering, or escaping of the OKR content is performed before the agent interprets the data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 10:13 AM
Security Audit — agent-trust-hub — lark-okr