feishuAgentAdd

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims, but it handles a Feishu App Secret in an unsafe command-line pattern while making persistent OpenClaw configuration changes.

Install only if you intend to add a real Feishu bot to OpenClaw and are comfortable with persistent local config changes. Prefer the interactive hidden prompt or another protected secret method instead of `--app-secret` on the command line, run `--dry-run` first, review the preview, use a low-privilege Feishu app, and disable agent-to-agent collaboration if the new bot does not need it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding:
The README states that the tool reads and modifies local OpenClaw configuration, creates workspaces, writes template files, and changes bindings, but it does not present an upfront warning that these are state-changing filesystem operations. In an agent/skill context, users may treat documentation-led invocation as low risk, so insufficient disclosure can lead to unintended local modifications and trust boundary violations.

Missing User Warnings

High
Confidence: 98%
Finding:
The documentation instructs users to pass the Feishu App Secret directly on the command line, which can expose credentials through shell history, process listings, audit logs, telemetry, and copied terminal transcripts. In a shared workstation, CI, or agent-executed environment, this creates a realistic risk of secret disclosure and downstream compromise of the Feishu app.

Missing User Warnings

Medium
Confidence: 96%
Finding:
The skill instructs collection of Feishu App ID and App Secret and then passes them on the command line to a config-modifying script with `--yes`, which suppresses interactive confirmation. Command-line secrets may be exposed via shell history, process listings, logs, or transcripts, and the markdown does not clearly warn that configuration will be modified and sensitive credentials processed.

VirusTotal

66/66 vendors flagged this skill as clean.
