minutes (v1)

Name: cli/lark-minutes
Author: larksuite

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

70High

The skill risks RAG poisoning via an external `SK

ThreatsCI SM CS BC S HITL

Behavior Analysis

Mismatch detected — The skill's initial description claims it can retrieve AI products (summaries, to-dos, chapters) from minutes, but later sections explicitly state this functionality is not part of this skill and should be routed to `lark-vc +notes`.

Claims to do

minutes (v1): **CRITICAL — 开始前 MUST 先用 Read 工具读取 [`../lark-shared/SKILL.md`](../lark-shared/SKILL.md)，其中包含认证、权限处理**

Actually does

This skill uses the `lark-cli` tool to interact with Feishu (Lark) Minutes. It can search for minutes using `lark-cli minutes +search`, retrieve basic metadata like title and duration with `lark-cli minutes minutes get`, and download audio/video files or get download URLs using `lark-cli minutes +download`. It also instructs on parsing minute tokens from URLs.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learning1 finding

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namelarksuite/cli/lark-minutes

Registrygithub

Version5fa68ccaa04e

PURLpkg:github/larksuite/cli@5fa68ccaa04e?skill=lark-minutes

Stars7,923

Installs57,000

Source

Repository ↗SKILL.md ↗

SHA-2560d1ee5164d90...

SHA-1ff205c4c8d35...

MD57586493d920b...

TLSH37e195370d16...

ssdeep96:ZPX/c1YIq...

Size6,845 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/larksuite/cli/tree/main/skills/lark-minutes

57,000 installs

Skills.shDocs

npx skills add https://github.com/larksuite/cli --skill lark-minutes

Assessments (3)

AI Agent Traps ↗

RAG Poisoning via External Configurationhighrag poisoning

The skill explicitly instructs the agent to read an external `SKILL.md` file for critical authentication and permission handling information. If this external file is compromised, it could lead to RAG poisoning, manipulating the agent's security policies or behavior.

90% confidenceline 13

CRITICAL — 开始前 MUST 先用 Read 工具读取 [`../lark-shared/SKILL.md`](../lark-shared/SKILL.md)，其中包含认证、权限处理

Potential Resource Abuse via Unbounded Searchmediumresource abuse

The `minutes +search` command can return up to 200 items per page with no fixed upper limit on total results. This could lead to excessive resource consumption (network, storage, processing) if the agent is instructed to retrieve all results without proper pagination limits.

80% confidenceline 76

`minutes +search` 单次最多返回 `200` 条；结果总数没有固定上限

Description Mismatchmediumdescription mismatch

The skill's initial description claims it can retrieve AI products (summaries, to-dos, chapters) from minutes, but later sections explicitly state this functionality is not part of this skill and should be routed to `lark-vc +notes`.

85% confidence

Description: '4.获取妙记相关 AI 产物（总结、待办、章节）'. Core Scenarios 4: '当用户说...不属于本 skill。应使用 [vc +notes --minute-tokens]...'

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/larksuite/cli/lark-minutes.svg)](https://mondoo.com/ai-agent-security/skills/github/larksuite/cli/lark-minutes)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/larksuite/cli/lark-minutes"><img src="https://mondoo.com/ai-agent-security/api/badge/github/larksuite/cli/lark-minutes.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/larksuite/cli/lark-minutes.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow