Feishu User Auth

Security checks across malware telemetry and agentic risk

Overview

This skill clearly performs Feishu OAuth login and stores a local user token for later Bitable syncing, but users should treat that token cache as sensitive.

Install only if you trust the Feishu app and the runtime helper that performs the OAuth exchange. Before authorizing, review the Feishu app permissions, protect ~/.codex/feishu-auth/content-system-sync.json like a password, avoid syncing it to backups or shared folders, and delete or revoke the token when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 87%
Finding
The README explicitly states that `user_access_token` and `refresh_token` are cached locally, but it does not warn that these are sensitive bearer credentials or describe storage protections. On a multi-user machine, in backups, or if the token cache path is exposed, an attacker who obtains the file could impersonate the user to Feishu until the token is revoked or expires.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly caches a user_access_token and refresh_token on disk under the user's home directory but provides no warning about the sensitivity of these credentials. If the local machine, backups, or other processes can access that file, an attacker could reuse the tokens to act as the user and access Feishu resources until the tokens are revoked or expire.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill writes an authorization manifest to disk that includes the user's Feishu open_id and the token cache path, creating a durable record of sensitive authentication metadata. Even though the access token itself is not directly written here, exposing user identifiers and the local cache location lowers the bar for local data discovery, correlation, and follow-on token theft by other users, tools, or processes with workspace access.

Missing User Warnings

Medium
Confidence: 93%
Finding
The manifest explicitly states that a Feishu user_access_token will be cached locally, but it provides no warning about the sensitivity of that credential, storage duration, location, or protections. Access tokens can enable actions on behalf of the user, so undisclosed local persistence increases the risk of token theft, misuse by other local processes, or accidental retention beyond the user's expectations.

VirusTotal

66/66 vendors flagged this skill as clean.
