ClawHub

Feishu API Lookup

Security checks across malware telemetry and agentic risk

Overview

This is a useful Feishu API reference skill, but it also teaches agents to read local Feishu app secrets and use them for real tenant API actions without enough safety boundaries.

Install only if you intentionally want an agent to help with Feishu API work and are comfortable with it seeing Feishu app credentials. Review any generated API call before execution, especially delete, update, permission, message, file, document, and record operations. Prefer providing narrowly scoped credentials explicitly instead of letting the agent read local OpenClaw configuration secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill is presented as a documentation lookup tool, but it includes instructions to obtain local Feishu credentials, mint tenant access tokens, and perform live authenticated API calls, including write and delete operations. This expands the skill from passive lookup into an operational capability that can drive real actions against a tenant, increasing the risk of unintended data access, modification, or deletion.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The skill instructs reading app credentials directly from /root/.openclaw/openclaw.json, which is sensitive local secret material unrelated to a lookup-only skill. Embedding local secret access guidance normalizes credential harvesting behavior and enables any user of the skill to pivot from documentation lookup into authenticated access to the Feishu tenant.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill provides generalized guidance for making authenticated Feishu API requests and highlights many mutating operations such as create, update, move, add, and delete. For a lookup skill, this is unjustified capability expansion that can encourage users or agents to act on production resources instead of merely consulting documentation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation shows how to retrieve and use Feishu app credentials and exchange them for access tokens without warning that these are sensitive secrets or that resulting requests may access tenant data. This omission increases the chance of unsafe handling, accidental disclosure, or unreviewed authenticated actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The quick reference lists destructive or state-changing endpoints such as delete message, update message, create group, move file, create node, and permission changes without any warning that these operations can alter or remove user data. In a lookup-oriented skill, that omission makes misuse more likely because dangerous actions are presented alongside harmless reference material with no safety boundary.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal