feishu-update-doc
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted Markdown data to update Feishu documents. * Ingestion points: The 'markdown' and 'selection_with_ellipsis' parameters within the update-doc tool in SKILL.md. * Boundary markers: There are no documented delimiters or instructions to ignore embedded commands within the Markdown input. * Capability inventory: The skill has the capability to modify, insert, or overwrite content in cloud documents via the Feishu API. * Sanitization: No sanitization, filtering, or validation of the input Markdown is documented.
Audit Metadata