lark-workflow-standup-report

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the lark-cli binary to authenticate and retrieve calendar events (+agenda) and task lists (+get-my-tasks).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes user-generated content from an external platform (Lark/Feishu).
      • Ingestion points: Untrusted data enters the context through the output of lark-cli calendar +agenda (event summaries) and lark-cli task +get-my-tasks (task titles) in SKILL.md.
      • Boundary markers: The prompt template for the summary does not use explicit delimiters (e.g., XML tags or triple quotes) to separate fetched data from instructions, nor does it explicitly tell the agent to ignore instructions embedded in the data.
      • Capability inventory: The skill possesses the capability to execute shell commands via lark-cli across its workflow.
      • Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the AI for the summary.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 13, 2026, 09:52 AM