Feishu Voice Assistant

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises, but it uses Feishu and Duby credentials, loads a workspace-level .env file, and depends on unbundled sibling modules that control what file gets uploaded.

Review or isolate this skill before installing. Run it only with a minimal .env containing the Duby and Feishu credentials it needs, inspect the missing ../duby and ../feishu-common modules, and avoid sending sensitive text unless you are comfortable with it being processed by Duby and delivered through Feishu.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 84% confidence
Finding: The skill documentation declares no permissions even though it requires environment-based secrets and external service access. This can mislead users and platforms about the skill's actual capabilities, reducing informed consent and making accidental overexposure of credentials or unreviewed networked behavior more likely.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill sends user-provided text to a third-party TTS provider and then transmits generated audio into Feishu chats, but the description does not clearly warn about these outbound data flows. Users may unknowingly provide sensitive content, assuming processing is local, which can result in unintended disclosure to external services and messaging recipients.

VirusTotal

No VirusTotal findings

View on VirusTotal