Skills
skills/larksuite/cli/lark-shared/Gen Agent Trust Hub

lark-shared

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent on how to use lark-cli for authentication, configuration, and resource management. It specifically guides the agent to use argument arrays for command execution to prevent shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: Includes instructions for the lark-cli update command, which fetches the latest versions of the CLI and its associated skills from the vendor's sources.
  • [SAFE]: Implements a 'high-risk operation protocol' that uses specific exit codes (exit 10) and JSON responses to force the agent to request explicit user confirmation before proceeding with destructive actions like deletions.
  • [SAFE]: Explicitly prohibits the output of sensitive information such as appSecret or accessToken to the terminal or agent responses.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 03:06 AM
Security Audit — agent-trust-hub — lark-shared