Feishu Reading Task

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it creates Feishu read-later tasks from chat content and records saved items locally, with no hidden code behavior found.

Install only if you want trigger phrases in chat to create Feishu tasks and you are comfortable with saved links, titles, descriptions, sender IDs, and timestamps being used for the task and recorded in a local memory file. Use care in sensitive conversations because the trigger phrases are somewhat broad.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger list includes generic phrases like “待阅读” ("to read"), “稍后阅读” ("read later"), and “添加到待办” ("add to to-do"), which can appear in normal conversation and cause the skill to activate unintentionally. In this skill, accidental activation is more dangerous because it can extract conversation content, create Feishu tasks, and persist data to local memory without an explicit confirmation step.

Missing User Warnings

Medium
Confidence: 96%
Finding
The README states that extracted content is written to memory/YYYY-MM-DD.md but does not warn users that conversation-derived data will be stored locally. This creates a privacy and data-handling risk because users may unknowingly cause links, titles, descriptions, or contextual details from chats to be retained beyond the immediate action.

Missing User Warnings

Medium
Confidence: 97%
Finding
The README says the skill extracts content from conversation and calls the Feishu Tasks API, but it does not disclose that conversation-derived data will be transmitted to an external service. This is risky because users may not expect URLs, inferred titles, descriptions, or participant-linked task metadata to be sent off-platform, particularly when extraction is automatic.

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger phrases are broad, common-language expressions that could be matched unintentionally during normal conversation, causing the skill to activate without sufficiently clear user intent. In a skill that may create external tasks and persist data, ambiguous activation increases the risk of unwanted side effects, incorrect task creation, and inadvertent recording of sensitive content.

Missing User Warnings

Medium
Confidence: 92%
Finding
The description presents the skill as a convenience feature but does not prominently warn that it may automatically create Feishu tasks and write conversation-derived content to memory storage. This weak transparency can lead users to trigger the skill without understanding that data will be persisted or sent to external systems, which is especially risky if the conversation includes private links, documents, or personal identifiers.

VirusTotal

VirusTotal findings are pending for this skill version.
