Security audit

Feishu Mcp Remote

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Feishu integration skill whose sensitive API access is disclosed and aligned with its purpose, though users should handle tokens and document writes carefully.

Install only if you intend to let an agent access Feishu through UAT or TAT credentials. Use least-privilege tokens, restrict X-Lark-MCP-Allowed-Tools to the smallest needed set, avoid sharing secrets in chats, and require explicit review before creating, updating, commenting on, fetching, or transmitting sensitive Feishu content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 80% confidence
Finding: The skill encourages creating, reading, and updating Feishu documents over remote HTTP APIs without clearly warning that document contents, file data, and identifiers are transmitted to external Feishu services and may modify user data. In an agent context, this can lead to unintended exfiltration of sensitive business content or unauthorized state-changing actions if users are not explicitly informed and consenting.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.