lark-workflow-meeting-summary
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing system shell commands and the `lark-cli` binary to perform its primary functions. It uses `date` for time calculation and various `lark-cli` subcommands for authentication, searching meeting records, querying metadata, and creating documents.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted meeting notes and metadata retrieved from an external platform.
  - Ingestion points: Data enters the agent context through `lark-cli vc +notes` and `lark-cli drive metas batch_query` commands (SKILL.md).
  - Boundary markers: There are no explicit delimiters or specific instructions for the agent to ignore or isolate instructions that might be embedded within the meeting content being summarized.
  - Capability inventory: The skill has the capability to execute shell commands via `lark-cli` and perform write operations to cloud documents via `lark-cli docs +create` and `+update` (SKILL.md).
  - Sanitization: No evidence of validation, escaping, or filtering of the retrieved meeting content is present before it is used in report generation or document updates.