feishu-cli-wiki

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill uses the Bash tool to run feishu-cli commands for interacting with Feishu Wiki. This is consistent with its stated purpose.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill downloads wiki documents and images from external domains including feishu.cn, larkoffice.com, and larksuite.com. These are not on the trusted whitelist but are required for the skill's functionality.
  • [PROMPT_INJECTION] (LOW): Vulnerability surface for Indirect Prompt Injection identified (Category 8).
    • Ingestion points: External data enters the agent context via the feishu-cli wiki export command in SKILL.md.
    • Boundary markers: Absent. There are no delimiters or instructions provided to the agent to treat the exported Markdown as untrusted data.
    • Capability inventory: The agent has access to Bash (shell execution) and Read (file access), which could be exploited if malicious instructions are embedded in a wiki document.
    • Sanitization: Absent. The skill does not describe any filtering or sanitization of the retrieved Markdown content.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:29 PM