feishu-wiki
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The tool definitions for listing spaces, managing nodes, and navigating the knowledge base follow standard API interaction patterns and contain no malicious logic.
- [PROMPT_INJECTION]: No instructions were found that attempt to bypass AI safety filters or override previous system instructions.
- [DATA_EXFILTRATION]: The skill does not contain hardcoded secrets or evidence of unauthorized data transmission to external domains.
- [REMOTE_CODE_EXECUTION]: No remote code execution or script downloading patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with wiki content. 1. Ingestion points: Node details and space listings retrieved from the Feishu API. 2. Boundary markers: No delimiters or boundary instructions are used to separate external content from the agent's instructions. 3. Capability inventory: The tool has the ability to create, move, and rename nodes, which could be exploited if an injection is successful. 4. Sanitization: No input validation or content sanitization is described in the tool logic.
Audit Metadata