Back to skill

Security audit

Feishu Messaging

Security checks across malware telemetry and agentic risk

Overview

This skill is a Feishu messaging guide with visible API examples, but users should be careful because messages and selected files can be sent to Feishu.

Install only if you intend an agent to help with Feishu messaging. Use least-privilege Feishu app scopes, keep app secrets out of shared chats and logs, and confirm the recipient, message text, and exact file path before any send or upload action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The manifest advertises document creation, but the skill content does not actually implement or document a document-creation flow. This is primarily a trust and predictability problem: users may authorize or rely on behavior that is not present, increasing confusion and the chance of unsafe substitutions or misuse.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The manifest advertises document creation, but the skill content does not actually implement or document a document-creation flow. This is primarily a trust and predictability problem: users may authorize or rely on behavior that is not present, increasing confusion and the chance of unsafe substitutions or misuse.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger conditions are broad and loosely bounded, which can cause the skill to activate for ambiguous requests involving chat lookup, retries, or messaging-related tasks. In a skill that can send messages and upload content to an external service, overbroad activation raises the risk of unintended external actions or data disclosure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description does not warn that user-provided message content and potentially attached files are sent to Feishu APIs. Without an explicit disclosure, users may unknowingly provide sensitive content that leaves the local environment and becomes subject to third-party processing and retention.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The image and file upload examples directly open local files and upload them to Feishu, but the markdown gives no warning that local content will be exfiltrated to an external platform. Because these examples normalize file transmission without consent language or sensitivity checks, they materially increase the risk of accidental disclosure of local data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.