Feishu Public Table Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it fetches a user-supplied public Feishu/Lark page, compares table snapshots, and stores local baseline files for change detection.

Install only if you want an agent or cron job to fetch public Feishu/Lark pages and keep local JSON baselines for comparison. Use non-sensitive public URLs, set --state-dir if you want to control where snapshots are stored, and avoid running it against internal or authenticated pages.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 87% confidence
Finding: The skill instructs users to run a local Python script that performs network access to fetch Feishu pages and uses file reads/writes to maintain baseline state, but the skill declares no permissions. That mismatch is a real security issue because it prevents proper review and consent around network egress and local filesystem modification, which could enable unexpected data access, persistence, or exfiltration if the implementation is changed or abused.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal