lark-workflow-meeting-finder

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE

COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes 'lark-cli' commands such as 'contact +search-user', 'calendar +freebusy', and 'calendar +create'. These are standard administrative operations required for the skill's intended purpose and are executed with user-level permissions.
  • [SAFE]: No obfuscation, credential exposure, or persistence mechanisms were detected. The instruction requiring the agent to read a shared authentication file ('../lark-shared/SKILL.md') is a legitimate workflow dependency for managing credentials securely.
  • [SAFE]: The skill was evaluated for indirect prompt injection risks.
      1. Ingestion points: Data entering the context includes user-provided names and calendar event status retrieved via 'lark-cli'.
      2. Boundary markers: The skill does not explicitly define markers to isolate external data.
      3. Capability inventory: The agent has the ability to write to the calendar using 'lark-cli calendar +create'.
      4. Sanitization: While no explicit sanitization of calendar strings is mentioned, the workflow requires user confirmation before creating events, which serves as a security checkpoint.
    This operational surface is standard for calendar-integrated AI tools.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 09:52 AM