Skills
skills/m1heng/claude-plugin-feishu/feishu-docs/Gen Agent Trust Hub

feishu-docs

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the feishu-doc CLI via the Bash tool to search and browse Feishu developer documentation. Access is restricted to this specific command prefix in the YAML frontmatter.
  • [EXTERNAL_DOWNLOADS]: The skill requires the global installation of the feishu-doc-cli npm package. This is a vendor-related tool for interacting with the Feishu platform.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8). Ingestion points: Markdown documentation retrieved via the feishu-doc read command from Feishu/Lark domains. Boundary markers: Absent. Capability inventory: Limited to the feishu-doc command, which restricts execution of arbitrary code but permits interaction with the documentation tool. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 02:13 AM