lark-task
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the lark-cli binary to perform API-driven tasks such as creating, updating, and deleting tasks and tasklists.\n- [SAFE]: All shortcuts that perform write operations (e.g., creating or updating tasks) are accompanied by a caution block that mandates the agent confirm user intent before execution, reducing the risk of accidental or malicious modifications.\n- [SAFE]: Authentication and credential management logic are abstracted to a separate shared skill (lark-shared), ensuring that sensitive authorization tokens are not handled or stored within the task management scripts themselves.\n- [SAFE]: The skill utilizes dynamic identification of user IDs through official CLI status commands rather than hardcoded credentials or identifiers, supporting secure and context-aware execution.
Audit Metadata