Skills
skills/cklxx/elephant.ai/feishu-doc/Gen Agent Trust Hub

feishu-doc

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script at skills/feishu-cli/run.py using Python 3 to perform API operations on Feishu documents and wikis. This is a standard implementation for CLI-based agent skills.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from external Feishu documents via the read_content and list_blocks actions. This data is processed by the agent to fulfill user requests.
  • Ingestion points: Data enters the context through doc:read_content and doc:list_blocks (SKILL.md).
  • Boundary markers: None specified in the instructions to separate external document content from system instructions.
  • Capability inventory: The agent can execute shell commands via bash to interact with the local CLI script.
  • Sanitization: No explicit sanitization or validation of the ingested document content is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 02:52 PM