ClawHub

Feishu Wiki Andy27725

Security checks across malware telemetry and agentic risk

Overview

This Feishu wiki skill is not deceptive, but it can change shared wiki pages and structure without clear safeguards.

Install only if you want the agent to work with Feishu wikis. Prefer readonly Feishu permissions for browsing, review the separate feishu_doc dependency before enabling edits, and require explicit confirmation before creating pages, moving nodes, renaming nodes, or writing document content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation description is broad enough that the skill may trigger on generic mentions of 'knowledge base', 'wiki', or wiki links, causing the agent to enter a capability set that includes write operations. In a tool that can create, move, rename, and edit live Feishu wiki content, over-broad activation increases the chance of unintended destructive or privacy-impacting actions from loosely related user prompts.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill exposes write-capable operations without warning that they modify live wiki content, which can lead users or downstream agents to perform irreversible or disruptive actions unintentionally. Because the documented operations affect shared organizational knowledge bases, mistakes can impact many users and business content, not just a local draft.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Create, move, and rename operations can alter wiki structure, page discoverability, and organizational knowledge integrity, yet the skill provides them as straightforward actions with no caution or approval flow. In a collaborative workspace, moving or renaming nodes can break workflows, confuse users, or hide important documents even if no content is deleted.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The wiki-to-doc workflow ends in a direct write to a live Feishu document but does not warn that this step changes shared content immediately. This is especially risky because the workflow normalizes reading and then writing as a simple sequence, which can cause accidental overwrites, unauthorized edits, or data integrity issues if triggered from ambiguous instructions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal