feishu-wiki

Security checks across malware telemetry and agentic risk

Overview

This Feishu Wiki skill appears purpose-aligned, but it can change shared knowledge-base content and its documentation does not clearly scope or gate those changes.

Install only if you are comfortable granting the Feishu bot access to the relevant wiki spaces. Before use, restrict bot permissions to specific spaces where possible, require explicit confirmation for create, move, edit, rename, or delete actions, and keep an audit trail or backup for important shared knowledge pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Scope Creep

Medium
Confidence: 88%
Finding
The skill documentation advertises read and state-changing capabilities beyond the manifest's declared permissions, including listing, retrieval, and moving nodes/spaces. This mismatch can mislead an agent or operator about what the skill is authorized to do, weakening permission transparency and increasing the risk of overbroad automation or unsafe fallback behavior when interacting with sensitive knowledge assets.

Intent-Code Divergence

Medium
Confidence: 80%
Finding
The summary claims the skill can rename and delete Wiki pages even though those operations are not implemented in the documented API section. Security-relevant capability inflation is dangerous because downstream agents may plan destructive actions based on false assumptions, or developers may later add such behavior without proper review, especially in a system that manages shared organizational knowledge.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill promotes automated creation, movement, and editing of Wiki structures without clear user-facing warnings, confirmation requirements, or discussion of data modification consequences. In a collaborative knowledge base, silent structural changes can cause data loss, broken navigation, accidental exposure through reorganization, and large-scale integrity issues if triggered by an agent on ambiguous instructions.

VirusTotal

59/59 vendors flagged this skill as clean.
