feishu-cli-search
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to execute local CLI commands via the Bash tool to interact with the Feishu API.
  - Evidence: Commands such as `feishu-cli auth check`, `feishu-cli auth login`, and various search subcommands are utilized.
  - Context: These commands are used for legitimate session management and data retrieval according to the skill's primary purpose.
- [EXTERNAL_DOWNLOADS]: The skill references an external repository for the installation of its required CLI tool.
  - Evidence: Links to `github.com/riba2534/feishu-cli` for installation instructions.
  - Context: The resource belongs to the skill's author and is provided for legitimate functional dependency.
- [PROMPT_INJECTION]: The skill processes external data retrieved from search results, creating an indirect prompt injection surface.
  - Ingestion points: Search result content from Feishu documents, messages, and apps entering the agent context via `feishu-cli` output (SKILL.md).
  - Boundary markers: No specific delimiters or warnings against embedded instructions are provided in the command examples.
  - Capability inventory: The skill allows the use of the `Bash` tool for command execution.
  - Sanitization: No explicit sanitization or validation of the retrieved content is described in the skill instructions.
  - Context: This is a standard surface for search-based functionality and is considered an operational risk inherent to the tool's intended use.
- [SAFE]: No signs of obfuscation, unauthorized data exfiltration, or persistence mechanisms were detected within the skill content.
Audit Metadata