feishu-sheet-tabs

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed workaround for creating Feishu spreadsheet tabs, but users should confirm the target sheet and tab changes before letting it act in an authenticated browser session.

Install only if you are comfortable letting an agent use your logged-in Feishu browser session to change spreadsheet structure. Before use, confirm the exact spreadsheet URL, workspace/account, current tabs, and tabs to create or rename; do not reuse the example token from the documentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 84%
Finding
The skill instructs the agent to mutate an existing Feishu spreadsheet via browser automation but does not require an explicit user-facing confirmation immediately before rename/create actions. Because these actions alter a live document in the user's authenticated session, an agent could make unintended changes to production data or structure based on ambiguity or stale context. The skill context increases risk because it specifically targets an existing user-owned spreadsheet and recommends direct runtime method calls that bypass safer, more constrained API flows.

Missing User Warnings

Medium
Confidence: 95%
Finding
The notes embed a concrete Feishu spreadsheet token directly in skill documentation, which can expose a live internal resource identifier to anyone with access to the skill files. In this skill's context, the token is especially sensitive because the skill is specifically about manipulating worksheet tabs in an existing spreadsheet, so the identifier could be reused to target or enumerate that document if permissions are misconfigured or if combined with other access paths.

VirusTotal

64/64 vendors flagged this skill as clean.
