lark-workflow-erp-inventory
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
lark-clifor legitimate operations within the Lark platform, including base creation, table management, and record updates. These actions are aligned with the intended functionality of an inventory ERP system. - [DATA_EXFILTRATION]: No patterns of unauthorized data transfer were identified. The skill interacts exclusively with the Lark API via the authorized CLI tool, and data stays within the user's workspace.
- [PROMPT_INJECTION]: The instructions are structured to guide the agent through specific tasks and do not contain commands to ignore safety protocols, extract system prompts, or bypass platform constraints.
- [EXTERNAL_DOWNLOADS]: The skill references
lark-clias a required binary in its metadata. This is a configuration requirement for the platform to provide the necessary tools for the skill's execution and does not represent a malicious external download. - [SAFE]: The skill includes defensive logic, such as validating stock levels before processing out-of-stock requests and requiring multi-step initialization, which demonstrates best practices for automated data handling within a business workflow.
Audit Metadata