lark-task
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and documentation are consistent with the stated purpose of managing tasks within the Lark platform. No evidence of prompt injection, data exfiltration, or obfuscation was found.
- [COMMAND_EXECUTION]: The skill uses the
lark-cliutility to interact with the Lark API. Commands are parameterized and intended for legitimate task operations such as creating, updating, and listing tasks. These operations are performed within the scope of the user's authenticated environment. - [DATA_EXPOSURE]: Authentication and credential management are handled through a shared configuration reference (
lark-shared/SKILL.md), which demonstrates a secure design pattern by centralizing sensitive logic rather than hardcoding it within individual task references.
Audit Metadata