Skills
skills/tnnevol/skills/dingtalk-connector/Gen Agent Trust Hub

dingtalk-connector

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill describes an indirect prompt injection surface where the agent extracts text from untrusted external attachments (Word, PDF, and text files) and injects the resulting content into the active conversation context.
  • Ingestion points: references/messaging-attachments.md (processes incoming files from DingTalk messages).
  • Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions to isolate processed content.
  • Capability inventory: The skill provides extensive capabilities including messaging (references/core-messaging.md), document CRUD operations (references/docs-operations.md), and directory queries (references/directory-query.md).
  • Sanitization: No sanitization or validation logic is mentioned for the content extracted from external files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 05:26 AM
Security Audit — agent-trust-hub — dingtalk-connector