The Agent Skills Directory

[COMMAND_EXECUTION]: The skill interacts with the Feishu Slides service by executing shell commands using the lark-cli binary. It provides structured commands for creating presentations, adding slides, and retrieving XML content, while properly declaring this dependency in the metadata.
[SAFE]: No malicious patterns or vulnerabilities were detected. The skill instructions prioritize secure user authentication (--as user) and consistently demonstrate the use of jq to safely escape and structure user-provided XML data before passing it to the CLI, mitigating injection risks. An evaluation of the indirect prompt injection surface indicates a safe design: untrusted data ingestion (Category 8a) is confined to slide content, structural boundaries (Category 8b) are enforced via JSON/XML formatting, and tool capabilities (Category 8c) are limited to the Lark Slides API with no evidence of unsafe interpolation or missing sanitization.

lark-slides