feishu-doc
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to Indirect Prompt Injection (Category 8) risks because its primary function is to ingest data from external, potentially untrusted sources.
- Ingestion points: The 'read', 'list_blocks', and 'get_block' actions retrieve content from Feishu documents.
- Boundary markers: The skill description does not specify any delimiters or instructions to the agent to disregard instructions found within the document text.
- Capability inventory: While this specific file does not contain scripts, the data it retrieves is intended for an agent that may possess capabilities like tool execution or file writing.
- Sanitization: There is no evidence of content sanitization or filtering of the document data before it is processed by the agent.
Audit Metadata