lark-workflow-meeting-summary

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies heavily on the execution of the lark-cli binary and system commands like date to perform its functions.
      • The workflow executes lark-cli vc +search, lark-cli vc +notes, and lark-cli drive metas batch_query to retrieve data.
      • It also uses lark-cli docs +create and lark-cli docs +update to write reports back to the cloud environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and summarizes untrusted data from external meeting records.
      • Ingestion points: Meeting titles and notes are fetched via lark-cli vc +search and lark-cli vc +notes in SKILL.md.
      • Boundary markers: There are no delimiters or explicit instructions to ignore embedded commands within the processed meeting content.
      • Capability inventory: The agent has the ability to write to files and create documents via lark-cli docs +create and lark-cli docs +update (as referenced in SKILL.md and its dependencies).
      • Sanitization: No evidence of sanitization or escaping of the fetched meeting content is present before it is interpolated into the summary report or document creation commands.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 10:36 AM