ClawHub

Feishu Chat Importer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it imports user-selected Feishu chat exports into persistent OpenClaw memory files.

Run --dry-run first, point --dir only at the Feishu export folder you intend to import, and set OPENCLAW_WORKSPACE explicitly if you use multiple workspaces. Imported conversations may contain private or business-sensitive content and will be stored in memory/episodic/ for later OpenClaw memory processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill declares no permissions, but its documented behavior clearly requires reading chat export files, writing episodic memory files, invoking Python, and optionally using environment configuration. This mismatch is dangerous because it hides the real trust and execution boundary from users and any permission-gating system, increasing the chance that sensitive chat data is imported or written without informed approval.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill is specifically designed to ingest chat history and persist message content into memory/episodic files, yet the documentation provides no warning that Feishu exports may contain highly sensitive personal, business, or secret data. This creates a real privacy and data-handling risk because users may import confidential conversations into a broader agent memory store that could later be surfaced, processed, or exposed unexpectedly.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script prints normalized chat content directly to stdout as JSON lines, which can expose private Feishu message contents to terminals, logs, pipelines, or calling tools without any explicit warning or consent checkpoint. In this skill's context, the entire purpose is to import chat history into memory, so handling sensitive personal communications is expected, which makes accidental disclosure through stdout more likely and more consequential.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal