📅 Feishu Document To-Do Auto-Detection (飞书文档待办自动识别)

Security checks across malware telemetry and agentic risk

Overview

This skill appears useful and purpose-aligned, but it reads Feishu documents and creates calendar events or invitations from them, with broad trigger phrases and insufficient guidance on confirming those actions with the user.

Install only if you are comfortable letting the skill read Feishu document content and create calendar entries from it. Before use, review the parsed todos, dates, assignees, and invitees, and avoid using it on sensitive documents unless you intend that information to become calendar data or notifications.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The README describes a workflow that reads Feishu document content, extracts owners/tasks, and then creates calendar events, but it does not clearly disclose that document contents and participant identifiers will be sent to Feishu APIs as part of event creation. This can cause users to trigger processing of potentially sensitive business data without fully understanding the data flow and side effects.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The example trigger '把这个文档的待办都创建成日历提醒' ("create calendar reminders for all the to-dos in this document") encourages automatic use of the current document and batch creation of calendar entries without an explicit warning that this performs external actions. In practice, a user may invoke it casually and unintentionally create multiple calendar events or notify participants based on document contents.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The trigger phrases are broad enough to match ordinary user requests like '创建日历' ("create calendar") or '设置日程' ("set up a schedule"), which can cause the skill to activate in contexts the user did not intend. Because this skill reads documents and creates calendar events and invites, accidental invocation can lead to unintended actions on user data and calendars.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The description does not clearly warn that the skill will create calendar events and may invite attendees directly from document contents. In a skill with write-side effects, lack of upfront disclosure increases the risk of users authorizing actions without understanding that document data will be propagated into calendars and invitations.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The trigger phrases are broad, generic calendar/task terms such as '创建日历' ("create calendar"), '设置日程' ("set up a schedule"), and '待办提醒' ("to-do reminder"), which can match many normal user requests unrelated to this specific skill. This increases the chance of unintended invocation, causing the agent to access Feishu document content or create calendar entries when the user did not explicitly intend to use this skill.

VirusTotal

66/66 vendors flagged this skill as clean.
