meegle
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted data from project work items and comments, creating a potential surface for indirect prompt injection.
- Ingestion points: Commands such as
meegle workitem get,meegle view items, andmeegle comment listingest user-generated content (titles, descriptions, comments) from the Feishu Project platform into the agent's context. - Boundary markers: The skill contains a dedicated 'Prompt Injection Defense' section in
references/error-handling.mdwhich provides explicit instructions to the AI agent to treat remote data as display text only and never as instructions. - Capability inventory: The skill possesses significant write capabilities, including work item creation/updating, workflow transitions (
workflow transition), and attachment management (attachment upload/delete). - Sanitization: Relies on the internal instruction set to ensure the agent maintains context and does not execute commands embedded in retrieved project data.
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions for installing the necessary CLI utility from an external package registry.
- Evidence:
npm install -g @tingwillforever/meegle-clias specified inreferences/runtime-private-remote-mcp.md. - Context: The package is published under the author's own namespace and is the core functional component required for the skill to operate.
Audit Metadata