feishu-drive
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
drive_ctl.py) to perform API operations on Feishu Drive. - [DATA_EXFILTRATION]: Through the
send-fileandsend-imagecommands, the agent can read local files and upload them to Feishu chat IDs. This functional capability provides a path for data exfiltration if the agent is manipulated. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface via untrusted file metadata. Ingestion points: File names and metadata are retrieved from the Feishu Drive API in
scripts/drive_ctl.py. Boundary markers: The skill instructions do not provide delimiters to separate external data from agent instructions. Capability inventory: The skill allows reading local files, sending data over the network, and modifying remote drive content. Sanitization: The implementation does not sanitize or validate retrieved metadata before it is processed by the agent.
Audit Metadata