Skills
skills/wulaosiji/skills/feishu-card-parser/Gen Agent Trust Hub

feishu-card-parser

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The card_parser.py script accepts a file path via the --input argument and reads its content. If an attacker controls this path, they could potentially read sensitive local files, such as configuration or credential files, which the agent then processes.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data and displays it back to the agent.\n
  • Ingestion points: card_parser.py (via the --input or --text arguments) processes JSON content from external Feishu card messages.\n
  • Boundary markers: None; the card content is parsed and converted directly into Markdown without any delimiters or instructions to ignore embedded commands.\n
  • Capability inventory: The script performs file reading (open) and produces formatted text output which is then processed by the agent.\n
  • Sanitization: No sanitization or escaping is performed on the data elements from the JSON card before rendering into the final Markdown.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 01:11 AM
Security Audit — agent-trust-hub — feishu-card-parser