feishu-board
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill features an indirect prompt injection surface due to its ability to read content from shared Feishu boards.
  - Ingestion points: The `read` command in `scripts/board_ctl.py` ingests text content from board nodes into the agent context.
  - Boundary markers: No delimiters are used to isolate retrieved board content from the agent's instructions.
  - Capability inventory: The tool set allows the agent to create, update, and delete board elements.
  - Sanitization: Text from the Feishu API is displayed without sanitization, allowing potential embedded instructions to be seen by the agent.
Audit Metadata