feishu-cli-export
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external Feishu documents which are then presented to the agent for analysis.
- Ingestion points: Content enters the agent's context through Markdown files and images exported from Feishu via the
feishu-clitool (e.g., inSKILL.mdsteps for reading exported content and images). - Boundary markers: The instructions do not specify the use of delimiters or
Audit Metadata