lark
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `curl` and `jq` to interact with the Lark/Feishu API. This includes operations for sending messages, managing groups, and querying directory structure. All network requests are directed to official `open.feishu.cn` or `open.larkoffice.com` endpoints.
- [DATA_EXPOSURE]: The skill includes a helper function that caches the `tenant_access_token` in `/tmp/lark_token.json`. While this is a functional implementation for token management, `/tmp` is a shared directory on many systems.
- [INDIRECT_PROMPT_INJECTION]: The skill has the capability to ingest untrusted data from external sources, specifically when fetching chat history via the `im/v1/messages` endpoint or searching for users. This represents an attack surface where malicious content from external users could influence agent behavior, though the skill provides guidance on using `jq` to escape content as a mitigation measure.
Audit Metadata