Feishu Task Manager

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Feishu/Lark task-management skill, but users should understand that it performs write operations against a live workspace (creating, completing and assigning tasks) and that it requires a Feishu App ID and App Secret, which are sensitive credentials.

Install only if you want an agent to manage Feishu tasks for you. Use a least-privilege Feishu app that is granted only the task scopes the skill needs, protect the App Secret (store it in the environment or a secret manager, not in a config file), do not paste real secrets into chats, logs or repositories, verify the package slug before installing, and require explicit confirmation before creating, completing, or bulk-assigning tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The README explicitly promotes creating and completing Feishu tasks but does not warn users that these actions modify live task data in an external system. In an agent context, this omission can cause users to invoke destructive or state-changing operations without realizing the skill has write capabilities, increasing the risk of unintended task creation, reassignment, or completion.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The configuration example includes sensitive Feishu credentials, including an app secret, without any security guidance on safe storage, redaction, or avoiding exposure in chat, logs, or version control. In agent ecosystems, users often paste configuration directly into interactive environments, so failing to warn about secret handling materially increases the chance of credential leakage.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The skill clearly performs state-changing actions in a third-party system, including creating, modifying, and completing tasks, but the description does not explicitly warn users that it can act on their behalf. This can cause users or downstream agents to invoke the skill without understanding that it has write capabilities, increasing the risk of unintended task creation, modification, or completion in a real Feishu workspace.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The configuration instructions tell users to obtain and configure an App ID and App Secret but do not warn that the App Secret is sensitive credential material. This omission increases the chance of accidental disclosure in prompts, logs, screenshots, repositories, or shared agent configuration, which could enable unauthorized access to the Feishu integration.
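The four findings above and the Overview all come down to two controls: keep the App Secret out of anything a user or agent might paste, log or commit, and gate state-changing calls on a confirmation step. The following is an added example of how a skill could implement both; it is not the Feishu Task Manager skill's own code and it makes no network calls. The environment variable names FEISHU_APP_ID / FEISHU_APP_SECRET, the WRITE_ACTIONS set, the confirmation callback and the offline fake_transport are assumptions made for illustration. The only Feishu detail relied on is that an app exchanges its App ID and App Secret for a short-lived tenant access token, which is then used for subsequent calls.

```python
"""Guardrails for an agent skill that writes to a Feishu/Lark workspace.

Added example for this page, not the skill's own code. The environment
variable names FEISHU_APP_ID / FEISHU_APP_SECRET, the WRITE_ACTIONS set and
the offline fake_transport below are assumptions made for illustration.
"""
import os
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, List, Optional, Tuple

# Actions that change workspace state and therefore need explicit confirmation.
WRITE_ACTIONS = {"create_task", "complete_task", "assign_task", "bulk_assign"}


def load_credentials(env: Optional[Dict[str, str]] = None) -> Tuple[str, str]:
    """Read App ID / App Secret from the process environment (or a supplied
    dict for testing), never from a prompt, a chat transcript or a config file
    that might be committed."""
    env = dict(os.environ) if env is None else env
    app_id, secret = env.get("FEISHU_APP_ID", ""), env.get("FEISHU_APP_SECRET", "")
    if not app_id or not secret:
        raise RuntimeError("FEISHU_APP_ID and FEISHU_APP_SECRET must both be set")
    return app_id, secret


def redact(text: str, secrets: Iterable[str]) -> str:
    """Mask every occurrence of each secret before text reaches a log line,
    an error message, a screenshot or an agent transcript."""
    for s in secrets:
        if s:
            text = re.sub(re.escape(s), "[REDACTED]", text)
    return text


@dataclass
class GuardedTaskClient:
    """Wraps the transport so that (1) the App Secret is used only to mint a
    tenant access token, (2) every write is gated on a confirmation callback,
    and (3) nothing recorded in the log can contain the secret or the token."""
    app_id: str
    app_secret: str
    transport: Callable[[str, dict], dict]   # performs the HTTP call in real use
    confirm: Callable[[str, dict], bool]     # asks the human before any write
    log: List[str] = field(default_factory=list)
    _token: str = ""

    def _record(self, line: str) -> None:
        self.log.append(redact(line, [self.app_secret, self._token]))

    def _ensure_token(self) -> str:
        # The app secret is sent to exactly one endpoint, the token exchange;
        # every task call afterwards carries only the short-lived token.
        if not self._token:
            resp = self.transport("tenant_access_token/internal",
                                  {"app_id": self.app_id, "app_secret": self.app_secret})
            self._token = resp["tenant_access_token"]
            self._record(f"minted tenant token {self._token}")
        return self._token

    def call(self, action: str, params: dict) -> dict:
        # Reads pass straight through; writes require an explicit yes.
        if action in WRITE_ACTIONS and not self.confirm(action, params):
            self._record(f"refused {action} {params}: user did not confirm")
            return {"ok": False, "reason": "not confirmed"}
        token = self._ensure_token()
        resp = self.transport(action, {"token": token, **params})
        self._record(f"{action} {params} -> {resp}")
        return resp


def fake_transport(endpoint: str, body: dict) -> dict:
    """Constructed offline stand-in for the Feishu API (assumption: no network).
    The fake token is derived from the secret only so the demo is deterministic."""
    if endpoint == "tenant_access_token/internal":
        return {"code": 0, "tenant_access_token": "t-" + body["app_secret"][::-1]}
    return {"ok": True, "endpoint": endpoint,
            "echo": {k: v for k, v in body.items() if k != "token"}}


def demo(approve_writes: bool) -> GuardedTaskClient:
    """Run the guarded client against the fake transport with constructed
    credentials: one read (no prompt) followed by one write (gated)."""
    env = {"FEISHU_APP_ID": "cli_example", "FEISHU_APP_SECRET": "s3cr3t-value"}  # constructed
    app_id, secret = load_credentials(env)
    client = GuardedTaskClient(app_id, secret, fake_transport, lambda a, p: approve_writes)
    client.call("list_tasks", {"page_size": 10})
    client.call("create_task", {"summary": "Ship v2"})
    return client


if __name__ == "__main__":
    for line in demo(approve_writes=False).log:
        print(line)
```

In a real deployment the confirm callback would surface the action and its parameters to the user (or to the agent framework's approval mechanism) and return True only on an explicit yes; bulk operations should show the full target list before asking. The redaction list is applied to every log line rather than to selected ones, so a new code path cannot accidentally leak the secret by forgetting to mask it.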

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal