feishu-docx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill requires installing the 'feishu-docx' Python package. While this is an external dependency not on the trusted source list (ordinarily MEDIUM), the severity is lowered because it is integral to the skill's primary function.
- COMMAND_EXECUTION (LOW): The tool uses shell commands to interact with Feishu URLs and export files. This provides the agent with the capability to execute commands based on external data.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its processing of external document content. Evidence Chain: 1. Ingestion points: Document content from external Feishu/Lark URLs; 2. Boundary markers: No delimiters are specified in the instructions; 3. Capability inventory: CLI execution and local file-write capabilities; 4. Sanitization: Not documented in the instructions.
- CREDENTIALS_UNSAFE (SAFE): No hardcoded credentials or secrets were identified in the skill; it correctly uses placeholders and configuration commands for API keys.
Audit Metadata