The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the lark-cli binary to perform authentication and execute management tasks within the Lark ecosystem, including creating database tables and records.
[DATA_EXFILTRATION]: The workflow gathers sensitive data such as investment portfolio details, CRM contact interactions, and personal calendar schedules. This information is moved within the Lark environment to generate IM messages and Docs, representing a significant aggregation and transmission of sensitive data.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of data from external, potentially attacker-influenced sources.
Ingestion points: Data is retrieved from multiple Lark Base tables (CRM, social media, content), tasks, and calendar events using lark-cli commands specified in SKILL.md.
Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands when the retrieved data is processed by the AI advisors.
Capability inventory: The agent has permissions to send messages via im +messages-send, create documents with docs +create, and modify database entries using base +record-upsert.
Sanitization: No data validation or sanitization routines are implemented to clean the records fetched from external sources before they are interpreted by the agent.

lark-workflow-business-advisor