Feishu Doc Workflow

Security checks across malware telemetry and agentic risk

Overview

This instruction-only Feishu document workflow is coherent and disclosed, but its public-link sharing steps should be used carefully.

Install only if you want an agent to edit Feishu documents and, when asked, make them publicly readable by link. Before using the public-sharing step, verify the exact document and confirm it contains no confidential, internal, personal, or regulated data; prefer narrower Feishu sharing when public access is not necessary.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly instructs changing Feishu document permissions to internet-readable settings such as `external_access_entity = open` and `link_share_entity = anyone_readable` without requiring a privacy warning, confirmation of data sensitivity, or a least-privilege check. This can cause accidental public exposure of internal or confidential documents if the workflow is used on the wrong file or followed mechanically.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal