skills/yjwong/lark-cli/sheets/Gen Agent Trust Hub

sheets

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [SAFE]: No malicious patterns such as credential theft, persistence, or obfuscation were detected. The skill uses a local binary and environment variables for legitimate spreadsheet management.
  • [COMMAND_EXECUTION]: Executes the local lark CLI and jq to process data from spreadsheets.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface because it processes untrusted data from external spreadsheet sources.
      ◦ Ingestion points: Data retrieved via lark sheet read.
      ◦ Boundary markers: Not present in instructions.
      ◦ Capability inventory: Command execution via lark and file writing via sheet download.
      ◦ Sanitization: Data is handled as structured JSON without specific content filtering.
  • [DATA_EXFILTRATION]: Includes a feature to download spreadsheet attachments to the local filesystem, which involves interaction with the external Lark API.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 03:19 AM