Cyber Horn

Security checks across malware telemetry and agentic risk

Overview

Cyber Horn does what it advertises: converts supplied text into audio and sends it as a Feishu voice message, with expected external TTS and Feishu data flows.

Install only if you are comfortable sending spoken text to Edge TTS or ElevenLabs and uploading the generated audio to Feishu. Use narrowly scoped Feishu app credentials, protect FEISHU_APP_SECRET and ELEVEN_API_KEY, verify FEISHU_DEFAULT_CHAT_ID before relying on it, and avoid secrets or regulated content unless those provider data flows are approved.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill sends user-provided text to an external TTS provider and sends audio plus chat identifiers to Feishu, but the description does not clearly warn about this data transmission. In practice, this can cause inadvertent disclosure of sensitive prompts, names, alerts, or internal chat metadata to third parties when users assume the conversion is local or privacy-preserving.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The function sends arbitrary user-provided text to ElevenLabs, an external third-party service, without any in-code indication of consent, redaction, or disclosure. In an agent skill, this can expose sensitive prompts, secrets, personal data, or internal content to an outside provider, creating a real privacy and data-handling risk even if it is part of intended functionality.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal