Back to skill

Security audit

Feishu User Doc

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow Feishu document-creation helper that clearly discloses it acts as 韩博 and does not include hidden code, persistence, or credential collection.

Install this only in environments where creating Feishu documents as 韩博 is authorized. Users should make document-creation requests explicit and verify the title before running the command, because the skill creates real cloud documents under that account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrase "直接告诉我『创建飞书文档 xxx』" is overly broad and does not define confirmation, allowed parameter scope, or contextual safeguards before performing a state-changing action. Because this skill creates documents as a real user identity, ambiguous invocation can cause unintended document creation or accidental use when the user is only discussing the action rather than authorizing it.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill is explicitly designed to create documents "as user" and ensure ownership is directly assigned to 韩博, but it does not present a clear user-facing warning that actions will be performed under a specific human identity. This creates an identity/authorization transparency risk: users or upstream agents may trigger the skill without understanding that it impersonates or acts on behalf of a real account, leading to unintended actions, audit confusion, or abuse of delegated credentials.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.