ClawHub

Feishu Bot

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Feishu/Lark bot helper, but it can send real messages, manage chats, and trigger approval workflows using the configured app permissions.

Install only if you intend to let an agent act through a Feishu/Lark app. Use a dedicated low-privilege app, grant only the scopes you need, confirm recipients and approval actions before execution, and restrict webhook URLs operationally to trusted Feishu/Lark endpoints.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill documentation instructs users to provide secrets via environment variables and describes external API operations, but the skill does not declare corresponding permissions. This creates a transparency and governance gap: an agent or platform may allow the skill to access network and environment data without explicit user awareness or policy review, increasing the chance of unintended secret exposure or unauthorized outbound actions.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill exposes a generic webhook sender that can POST arbitrary content to any caller-supplied URL, which is broader than a Feishu-only integration and creates an exfiltration/SSRF primitive. In an agent context, this can be abused to send sensitive data or internal metadata to attacker-controlled endpoints without restriction.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The webhook method transmits caller-provided content to an arbitrary external URL with no confirmation, warning, or audit-oriented disclosure. In a skill/agent setting, lack of transparency increases the risk of covert data exfiltration because users may believe messages stay within the Feishu integration boundary.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal