Skills
skills/riba2534/feishu-cli/feishu-cli-vc/Gen Agent Trust Hub

feishu-cli-vc

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References the feishu-cli tool from the author's repository on GitHub (github.com/riba2534/feishu-cli).\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8):\n
  • Ingestion points: The skill retrieves potentially untrusted meeting transcripts and summaries through feishu-cli vc notes and feishu-cli minutes get (SKILL.md).\n
  • Boundary markers: No delimiters or instructions are provided to the agent to treat external meeting data as untrusted or to ignore instructions within it.\n
  • Capability inventory: The skill uses Bash for command execution and Read for file access, which could be leveraged if malicious instructions in transcripts are executed.\n
  • Sanitization: No sanitization or verification of the content retrieved from Feishu is described in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 09:57 AM