Skills
skills/midnightv1/claude-code-feishu/feishu-bitable/Gen Agent Trust Hub

feishu-bitable

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and displays content from Feishu Bitable records which could contain malicious instructions.
  • Ingestion points: Records are fetched from Feishu Bitable in scripts/bitable_ctl.py via the record list and record get commands.
  • Boundary markers: The output does not use specific delimiters or warnings to separate data from instructions.
  • Capability inventory: The skill allows creating, updating, and deleting records and tables in Feishu via api.post, api.put, and api.delete calls.
  • Sanitization: Content fetched from the API is displayed directly without sanitization or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 06:31 AM