Skills
skills/shunsukehayashi/lark-harness/lark-im/Gen Agent Trust Hub

lark-im

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a dedicated CLI tool (lark-cli) to interact with Feishu/Lark APIs for managing chats and messages.\n- [EXTERNAL_DOWNLOADS]: Facilitates the download of images and files from the Feishu platform. Security is maintained through explicit instructions to use relative paths and prohibit directory traversal (..).\n- [PROMPT_INJECTION]: The skill processes untrusted data from chat conversations, creating an indirect prompt injection surface.\n
  • Ingestion points: Chat messages are ingested via im +chat-messages-list and im +messages-search.\n
  • Boundary markers: External content is delimited by placeholders (e.g., [Image: img_xxx]) and structured markers in JSON output.\n
  • Capability inventory: The agent can send/reply to messages and manage group chats using lark-cli.\n
  • Sanitization: Security is enforced through a mandatory human-in-the-loop requirement, where the agent must confirm all message content and recipients with the user before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 10:36 AM