Skills
skills/wulaosiji/skills/feishu-doc-creator/Gen Agent Trust Hub

feishu-doc-creator

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGHDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses a sensitive local configuration file to retrieve API credentials.\n
  • Evidence: The load_config function in __init__.py reads ~/.claude/feishu-config.env, which contains FEISHU_APP_ID and FEISHU_APP_SECRET.\n- [DATA_EXFILTRATION]: The skill transmits sensitive credentials over the network to an externally defined API domain.\n
  • Evidence: The get_access_token function sends a POST request containing application secrets to the domain stored in FEISHU_API_DOMAIN.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of untrusted document content.\n
  • Ingestion points: The content and title parameters in the create_doc, create_drive_doc, and create_wiki_doc functions in __init__.py.\n
  • Boundary markers: No delimiters or protective instructions are implemented to separate untrusted user content from the API-driven document structure.\n
  • Capability inventory: The skill possesses the capability to write to external cloud documents via requests.post and can read local files when triggered through the command-line interface.\n
  • Sanitization: There is no evidence of content sanitization, filtering, or validation before the data is parsed and uploaded to the Feishu platform.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 8, 2026, 02:24 AM