Feishu Bitable Query

Security checks across malware telemetry and agentic risk

Overview

This is a documented Feishu table-query helper that uses existing Feishu credentials to read records, with no hidden persistence, mutation, or unrelated behavior found.

Install only if you intend this skill to use the Feishu app credentials already stored in ~/.openclaw/openclaw.json. Use least-privilege Feishu app permissions, verify each app-token and table-id before running queries, and avoid --all-pages or broad filters unless a full table export is actually needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 79% confidence
Finding: The activation guidance is broad enough that an agent could invoke the skill in many Feishu-related querying situations without clear user intent boundaries. In combination with automatic credential use and network access, ambiguous triggers increase the chance of unnecessary or overbroad access to enterprise table data.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill states that it automatically reads Feishu credentials from a local secrets file, but does not provide a user-facing warning or consent checkpoint. This is dangerous because an agent can silently leverage stored enterprise credentials to query potentially sensitive Bitable data, increasing the risk of unauthorized access, data leakage, and misuse of ambient credentials.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal