Feishu Meeting Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: it reads upcoming Feishu meeting links, fetches linked document previews, and sends a briefing card. However, it handles sensitive meeting content.

Install only if you intend this agent to read Feishu documents linked from upcoming meetings and send previews to the configured Feishu user or chat. Set FEISHU_MASTER_ID to an authorized recipient, avoid using it on calendars containing confidential documents unless attendees consent, and review output before relying on it for sensitive meetings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium (92% confidence)
Finding
The skill description says it scans calendar events, reads attached Feishu documents, summarizes their contents, and sends a briefing card, but it does not clearly warn the user about this potentially sensitive data access and onward transmission. Because meeting attachments and document contents often contain confidential business information, users may enable or run the skill without understanding the scope of collection and sharing.

Missing User Warnings

Medium (94% confidence)
Finding
The code automatically reads linked Feishu docs from event descriptions, extracts previews, and sends that content onward in a chat card to a recipient defined by FEISHU_MASTER_ID. This creates a real data-leak path because sensitive meeting materials can be redistributed without verifying whether the recipient is authorized, whether the documents are confidential, or whether the meeting owner intended external forwarding.

Ssd 3

Medium (96% confidence)
Finding
The skill collects document content from calendar-linked docs and automatically prepares summaries for transmission to a fixed target, with no contextual access-control checks, no sensitivity classification, and no minimization beyond truncation. In the context of meeting workflows, this is especially risky because calendar descriptions often contain links to internal planning, strategy, or HR documents that may be visible to the skill but not intended for onward sharing.

Ssd 3

Medium (95% confidence)
Finding
The outbound message contains raw meeting title, timestamp, and document previews, all of which may reveal confidential business context even if the full documents are not included. Because the destination is a fixed environment-configured recipient and the code does not verify need-to-know or membership, the skill can leak sensitive operational or strategic information outside the intended audience.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.