ClawHub

Feishu Edge TTS Voice

Security checks across malware telemetry and agentic risk

Overview

This skill coherently turns user-provided text into audio and sends it as a Feishu voice message, with the main privacy risk being expected external processing and Feishu credential use.

Install only if you intend to send real Feishu voice messages through this skill. Use least-privilege Feishu app credentials, verify the recipient and message content before sending, and avoid sending secrets or sensitive internal text unless Edge TTS and Feishu handling are acceptable for that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
78% confidence
Finding
The activation text uses broad phrases such as replying by voice or reading content with TTS, which can overlap with many ordinary user requests. Overbroad triggering can cause the skill to activate unexpectedly and send synthesized audio or user content to external services when the user did not explicitly intend to use this integration.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The workflow explicitly describes uploading generated audio to the Feishu API and sending it as a message, which means user-provided content is transmitted to an external service. Without a user-facing warning or consent step, sensitive text may be transformed and sent off-platform using stored credentials, creating privacy and data-handling risk.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The documentation states that Feishu appId and appSecret are automatically read from configuration, but it does not clearly warn users that stored credentials are accessed and used implicitly. This weakens transparency and can surprise users or administrators about credential usage, especially in shared or multi-tenant environments.

Missing User Warnings

Medium
Confidence
75% confidence
Finding
The script silently reads Feishu application credentials from a local configuration file and uses them to obtain an access token, without any user-facing disclosure or consent prompt. In an agent-skill setting, this can surprise operators and enables privileged API actions using local secrets they may not realize the skill will access.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
User-supplied text is sent to the external Edge TTS service for speech generation, but the skill does not warn that message content will leave the local environment and be processed by a third party. In contexts where users may dictate sensitive or internal information, this creates a real data-exposure risk through undisclosed outbound sharing.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal