feishu-fetch-doc
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access vectors were detected. The skill uses legitimate Feishu domains belonging to the vendor larksuite.- [NO_CODE]: The analyzed skill consists solely of documentation in Markdown format and does not include any executable scripts or software dependencies.- [PROMPT_INJECTION]: The skill ingestion of external document content represents a potential indirect prompt injection surface. Ingestion points: External document content fetched via doc_id or Wiki tokens (SKILL.md). Boundary markers: Absent; no specific delimiters are provided to isolate fetched content. Capability inventory: Referenced tools for media downloads (feishu_doc_media) and sheet operations. Sanitization: None described in the skill instructions.
Audit Metadata