ClawHub

Lark Project / Meegle

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Meegle/Lark Project automation guide that can change project data, so it is appropriate only when the user trusts the Meegle CLI and reviews write actions.

Install this only if you trust the @lark-project/meegle CLI and are comfortable letting an agent act through your Meegle account. For creates, updates, comments, workflow transitions, rollbacks, subtasks, and attachments, review the project key, work item ID, field values, user IDs, file path, and destination before allowing execution; avoid uploading secrets or regulated files unless your organization permits it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This section documents mutating commands such as workitem update without any explicit requirement to obtain fresh user confirmation before changing remote Meegle data. In an agent setting, that omission is dangerous because ambiguous natural-language requests or mis-resolved IDs could cause unintended edits to production project data, and the skill text otherwise encourages direct execution once parameters are inferred.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
Workflow transition and rollback operations change task state and can alter downstream business process, approvals, and audit history, yet the skill provides no user-facing warning or confirmation requirement. In an autonomous agent context, these commands are especially sensitive because a mistaken transition_id, node selection, or inferred intent can prematurely complete, reopen, or roll back workflow items.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The attachment section instructs the agent to obtain signed storage URLs and perform direct upload/download, but it omits any privacy, sensitivity, or destination warning. That is risky because attachments may contain confidential data, and signed URLs can expose access to object storage resources if mishandled, logged, or shared back to the user unnecessarily.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal