feishu-fetch-doc
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow that processes untrusted external data (Feishu document content) which is then used to drive subsequent agent actions, creating a surface for indirect prompt injection.
- Ingestion points: Document content fetched via the feishu_mcp_fetch_doc tool.
- Boundary markers: No specific boundary markers or instructions to ignore embedded prompts within the document content are provided.
- Capability inventory: The skill utilizes tools capable of downloading files (feishu_doc_media), modifying spreadsheets (feishu_sheet), and managing database-like structures (feishu_bitable_*).
- Sanitization: The instructions do not define sanitization or validation steps for the extracted tokens or content before passing them to other tools.
Audit Metadata