Skills
skills/riba2534/feishu-cli/feishu-cli-search/Gen Agent Trust Hub

feishu-cli-search

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute feishu-cli for session management and searching docs, messages, and applications.
  • [EXTERNAL_DOWNLOADS]: The skill provides a link to the vendor's repository (github.com/riba2534/feishu-cli) for tool installation. This is a vendor-managed resource and is considered safe for the intended functionality.
  • [DATA_EXFILTRATION]: The CLI tool manages sensitive User Access Tokens at ~/.feishu-cli/token.json. Access to this file is required for the tool to function and communicate with Feishu APIs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from external sources (Feishu docs and messages) that could contain malicious instructions.
  • Ingestion points: Data retrieved from Feishu search results in feishu-cli search docs and feishu-cli search messages.
  • Boundary markers: None identified in the provided instructions or command examples.
  • Capability inventory: Subprocess execution via Bash (feishu-cli) and local file system access (~/.feishu-cli/).
  • Sanitization: No validation or sanitization of the search result content is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 06:36 PM