飞书项目OpenAPI技能

Security checks across malware telemetry and agentic risk

Overview

This Feishu Project API skill is openly project-management focused, but it can change or delete business project data and configuration without clear guardrails.

Review before installing. Use it only with a tightly scoped Feishu account or token limited to intended projects, and require explicit confirmation before any delete, bulk update, workflow transition, template or field change, view change, relationship edit, comment edit, or work-hour edit.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The skill advertises broad trigger scenarios like querying opportunities, analyzing progress, managing templates, bulk task updates, and workflow configuration without defining clear activation boundaries or user-confirmation requirements. In an agent setting, vague triggers can cause the skill to activate for loosely related requests and perform high-impact project-management actions unexpectedly.

Missing User Warnings

High

Confidence: 94% confidence
Finding: The skill exposes destructive capabilities such as deleting work items, templates, views, and relationships, plus updating workflow and field configuration, but does not warn users about irreversible or high-impact effects. Without prominent warnings and safeguards, an agent may treat these operations as routine automation and cause data loss or permission-impacting changes.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal