Skills
skills/riba2534/feishu-cli/feishu-cli-chat/Gen Agent Trust Hub

feishu-cli-chat

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an external CLI tool hosted on the author's GitHub repository at github.com/riba2534/feishu-cli for core functionality.
  • [COMMAND_EXECUTION]: Extensive use of shell commands via the feishu-cli tool to perform authenticated operations like reading chat records, searching groups, and managing members.
  • [DYNAMIC_EXECUTION]: Employs a Python subprocess command (python3 -c) to dynamically calculate Unix timestamps for precise message filtering based on time ranges.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection as it ingests untrusted data from external Feishu chat environments.
  • Ingestion points: Chat history retrieval and message searching via msg history and search messages (SKILL.md).
  • Boundary markers: None; chat content is ingested directly into the agent's context without delimiters.
  • Capability inventory: Access to Bash, Read, and Write tools allows for significant system interaction.
  • Sanitization: No explicit sanitization of the message content is implemented before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 06:06 AM