ClawHub

Lark Report Collector

Security checks across malware telemetry and agentic risk

Overview

This skill has a legitimate Lark reporting purpose, but it can use a logged-in Lark session to collect employee report data, store it locally, create docs, and send notifications without enough built-in scoping or approval steps.

Install only if you are comfortable letting an agent operate through your Lark login. Before use, specify the exact Lark account, team/template, week, output doc location, notification recipients, and whether local report files may be created. Review the generated summary and recipient list before any notification is sent, and delete or protect any temporary extraction file afterward.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs the agent to append extracted weekly report data to a local file, but provides no guidance on minimizing, securing, or deleting that data. Because the reports contain employee status information and likely sensitive work updates, local persistence increases the risk of unintended retention, leakage to other tasks, or exposure on a shared host.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill directs creation of Lark Docs and sending notifications containing summarized report information and submission-status data, but does not clearly disclose that employee data will be transmitted to external Lark services. In a workflow handling internal reports and unsubmitted-member lists, lack of transparency and consent can lead to unauthorized disclosure or over-sharing within the organization.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal