feishu-message
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: This skill consists of declarative tool definitions and documentation with no executable scripts or binaries.
- [PROMPT_INJECTION]: The skill interacts with untrusted message data from Feishu. 1. Ingestion points: Message content is retrieved via the get and list actions in SKILL.md. 2. Boundary markers: No delimiters are specified to isolate message content from system instructions. 3. Capability inventory: There are no high-risk capabilities such as command execution, file system access, or external network requests. 4. Sanitization: The skill does not implement data sanitization.
- [SAFE]: No credentials, obfuscation, or suspicious behaviors were found. The permissions requested are appropriate for the skill's stated functionality.
Audit Metadata