ClawHub

Bi2 Report Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to create and share business reports, but it embeds Feishu credentials and can upload local files with limited user control.

Review before installing. Use this only if you control the Feishu app and recipients, rotate the exposed Feishu secret, replace hardcoded credentials with user-scoped configuration, and require confirmation of the exact file and Feishu recipient before each send.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The file advertises report generation, but also contains code to upload arbitrary files and send messages through Feishu, which is a materially different capability from the visible purpose. Hidden or non-obvious exfiltration-capable functionality is dangerous because it can transmit generated reports or local files to external recipients without clear operator awareness.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The module claims to generate a report from PPTX screenshot data, but the implementation largely writes a static template and ignores the supplied business data. This mismatch is risky because deceptive or inaccurate functionality can cause users to trust generated output or approve downstream sharing of content that was not actually derived from the claimed source.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly performs side-effecting actions beyond report generation: it saves files to a local user-specific path, uploads the generated HTML to Feishu, and deletes temporary files, but the user-facing description does not clearly warn that these actions will occur automatically. This can lead to unintended data persistence, disclosure of potentially sensitive business data to external systems, and destructive cleanup behavior without explicit user confirmation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The code can upload a local file to Feishu and send it to a user without any user-facing disclosure, prompt, or consent mechanism. Silent external transmission of locally generated artifacts is dangerous because it enables unintended data leakage and makes it hard for an operator to understand where sensitive business information is going.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal