ClawHub

Feishu Cli

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Feishu CLI helper, but it gives an agent broad Feishu write, messaging, and permission authority without clear confirmation or least-privilege guidance.

Review before installing. Inspect or pin the GitHub installer, use a dedicated least-privileged Feishu app, and require manual confirmation before the agent sends messages, writes documents or sheets, imports or exports sensitive content, creates events or tasks, or changes collaborator permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation conditions are broad enough to match many ordinary Feishu-related requests, which can cause the skill to auto-activate in situations the user did not specifically intend. In this skill, that matters because the available actions include document modification, messaging, permission changes, and other state-changing operations, so accidental invocation increases the chance of unintended high-impact actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill exposes high-impact capabilities such as writing documents, sending messages, changing permissions, and creating calendar/tasks, but does not require user confirmation or warn about side effects. In an agent context, this makes accidental or coerced execution more dangerous because normal-language requests could result in external actions affecting real users, data, or access control.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal