feishu-drive

Security checks across malware telemetry and agentic risk

Overview

This looks like a real Feishu Drive helper, but it under-discloses high-impact sharing and security-admin actions that could expose business files if used without strict controls.

Install only if you intend to let an agent manage Feishu Drive files and change sharing settings. Use a dedicated shared-folder anchor, least-privilege Feishu app scopes, and require explicit human approval before any tenant-wide, external, or internet-public sharing, especially public edit links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding:
The skill documentation instructs the agent to perform permission and collaborator management ('写后必授', i.e. "grant access after every write", adding users as full_access collaborators) even though the manifest and declared scope present this as a file-management skill. This undisclosed expansion of authority increases the chance that an agent will modify sharing or access controls without the user's explicit understanding, enabling unintended privilege grants or broader document exposure.

Description-Behavior Mismatch

Severity: Medium
Confidence: 84%
Finding:
The documentation advertises audit and security functions, such as download-record inspection and security-label management, that are not reflected in the manifest description. This mismatch can mislead reviewers and users about the skill's true data sensitivity and operational reach, especially where file access histories and classification metadata are involved.

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding:
The collaboration/visibility matrix explicitly guides the agent to set organization-wide or internet-public read/edit access, which expands the skill from file handling into broad access-control administration. In practice this can cause mass oversharing, public exposure of internal files, or unauthorized edit access if the agent follows these instructions automatically after write operations.

VirusTotal

No VirusTotal findings