Feishu Image Sending Skill (飞书图片发送技能)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends a user-specified local image to Feishu. Users should be aware that this intentionally uploads the file to Feishu's servers using their own Feishu app credentials.

Install only if you intend to let the agent send chosen image files through your configured Feishu app. Configure your own AppID/AppSecret, verify the file path and recipient before each send, do not rely on the documented allow-list as an enforced control unless you add it yourself, and avoid sending sensitive images unless you explicitly want them shared through Feishu.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium, 94% confidence

Finding: The README explains how to send local image files and recipient identifiers to Feishu, but it does not explicitly disclose that these inputs are transmitted to an external third-party service over the network. This can lead users to unintentionally exfiltrate sensitive images or identifiers, especially because the skill is presented as simple and ready to use and encourages direct file-path based sending.

Vague Triggers

Medium, 89% confidence

Finding: The trigger phrase “发图给我” (roughly “send me a picture”) is very broad and likely to overlap with normal conversation, increasing the chance of accidental invocation. In a skill that can transmit local files to an external messaging platform, false activations could cause unintended data disclosure or unauthorized outbound actions.

VirusTotal

66/66 vendors flagged this skill as clean.
