feishu-pdf-downloader

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Categories: DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses local configuration files (~/.openclaw/.env) to retrieve Feishu API credentials. These credentials are used for authentication with official Feishu service endpoints.
  • [COMMAND_EXECUTION]: The skill performs network requests via the requests library and executes file-write operations to save data to a user-specified local path.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it downloads untrusted data from an external source (Feishu) that is subsequently available for agent processing.
      1. Ingestion points: File data downloaded from the Feishu API in scripts/download_feishu_pdf.py.
      2. Boundary markers: No boundary markers or delimiters are used to separate the external data from the prompt context.
      3. Capability inventory: The skill utilizes network access and file system write operations.
      4. Sanitization: No validation of the downloaded content or sanitization of the output file path is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 02:25 AM