The Agent Skills Directory

[SAFE]: The skill utilizes the vendor-provided lark-cli to interact with official Lark/Feishu APIs. This is standard behavior for managing conference data within the vendor's ecosystem.
[SAFE]: File system operations are limited to downloading meeting artifacts (such as transcripts and cover images) to local directories. These actions are consistent with the skill's stated purpose of organizing meeting minutes.
[SAFE]: The skill processes meeting transcripts and AI-generated notes, which are potential ingestion points for indirect prompt injection. However, the skill's restricted capabilities (limited to official CLI commands and local file writes) and the absence of high-risk operations (such as arbitrary shell execution or external network exfiltration) make this surface low-risk.
[SAFE]: No patterns of prompt injection, obfuscation, or unauthorized data exfiltration to third-party domains were detected. The skill correctly follows security practices by referencing a shared authentication skill.

lark-vc