lark-sheets
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the `lark-cli` binary to perform all spreadsheet operations (create, read, write, export). This dependency is declared in the skill metadata.
- [DATA_EXFILTRATION]: While the skill can read data from Lark spreadsheets and export it to local files via the `+export` shortcut, these operations are documented features intended for user-directed tasks. No unauthorized external network calls or exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content retrieved from spreadsheets, creating an indirect injection surface.
  * Ingestion points: Data is retrieved from spreadsheet cells using `lark-cli sheets +read` and `lark-cli sheets +find`.
  * Boundary markers: The instructions include `[!CAUTION]` blocks in multiple files (e.g., `lark-sheets-write.md`, `lark-sheets-append.md`) that explicitly warn the agent to confirm user intent before performing write operations.
  * Capability inventory: The skill has the ability to write to spreadsheets, create new resources, and export data to the local file system.
  * Sanitization: No explicit sanitization or filtering of the spreadsheet content is specified in the skill markdown; the agent is relied upon to maintain context and verify actions.
Audit Metadata