feishu-smart-alarm

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Feishu/Lark reminder bot, but it should be reviewed because it can process every chat message, store message details locally, and later post reminders back into chats without strong user controls.

Review before installing in shared or sensitive Feishu spaces. Use a low-permission dedicated Feishu app, restrict the chats that feed messages into this skill, require an explicit reminder phrase or bot mention where possible, protect the SQLite database, and define how stored reminders can expire or be deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 87%
Finding
The trigger rule allows automatic reminder creation for any message that appears to contain a task plus time structure, even without an explicit reminder request. In chat contexts this can cause unintended persistence and follow-up messaging based on ambiguous or quoted text, creating privacy, spam, and consent issues, especially in group chats where messages may reference other people or include sensitive deadlines.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill description does not clearly warn users that reminder content and identifiers are stored in a local SQLite database and that the system will later send messages back into the original Feishu chat. This reduces informed consent and may expose sensitive task details or deadlines to unintended chat participants if the original context was a group or if retention expectations were different.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The code persists raw message text plus identifiers such as receive_id, sender_open_id, sender_name, deadlines, and message metadata to a local database without any visible minimization, retention control, or consent/disclosure mechanism in this file. In a chat-reminder skill, these fields can contain sensitive personal or business data, so storing them indefinitely increases privacy and breach impact even if the feature is functionally necessary.

VirusTotal

64/64 vendors flagged this skill as clean.