lx-connector
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'lx' command-line interface to interact with Tencent Lexiang services. Commands such as 'lx meeting search-tx-meeting-records' and 'lx comment list-comments' are used to retrieve and manipulate data.
- [PROMPT_INJECTION]: Surface for Indirect Prompt Injection detected.
- Ingestion points: Data is ingested from external Tencent Meeting records (transcripts/metadata) and comments on knowledge base entries via the 'lx meeting' and 'lx comment' tools.
- Boundary markers: Absent. The skill instructions do not define specific delimiters or provide guidance to the agent to ignore instructions embedded within the meeting content or comments.
- Capability inventory: The skill includes the ability to write to the knowledge base using 'lx meeting import-tx-meeting-record'.
- Sanitization: Absent. There is no logic provided in the skill to sanitize or validate the content of meeting records or comments before processing.
Audit Metadata