Feishu Doc Editing

Security checks across malware telemetry and agentic risk

Overview

This is a visible guidance-only skill for faster Feishu document edits, with expected document-mutation advice and no hidden code or installer behavior.

Install only if you want agents to help edit Feishu documents. Because it can guide agents to update or delete document blocks, review planned edits before applying them to important shared documents, especially when other people may be editing at the same time.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill explicitly recommends destructive actions such as `delete_block`, structural edits, and replacement-style updates, but it does not include safeguards like confirmation requirements, backup/versioning guidance, or explicit warnings about irreversible content loss. In a document-editing skill, this increases the chance that an agent will perform high-impact modifications on the wrong blocks or stale state, causing accidental data loss or overwriting concurrent user edits.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal