飞书语音发送器(TTS) Feishu Voice Sender

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Feishu/Lark voice-message helper that sends user-provided text or optional user-provided OGG audio through Volcengine and Feishu APIs.

Install only if you intend to let this skill send Feishu/Lark voice messages and process text or selected audio through Volcengine. Use least-privileged Feishu and Volcengine credentials, avoid passing sensitive text or audio unless you are comfortable with that external processing, and invoke ASR only on audio files you explicitly chose.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 88%
Finding:
The skill metadata says it should be invoked only when the user explicitly requests sending a Feishu voice message, but this function also permits reading arbitrary local .ogg files for ASR. That expands the capability from message sending into local file access and external transcription, which can expose sensitive local audio beyond the stated purpose.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The ASR function reads a local audio file and uploads its full contents to an external provider without any user-facing disclosure or confirmation at the operation point. In a skill context, this matters because the user may think they are using a Feishu voice utility, not authorizing transfer of arbitrary local file contents to a third-party speech API.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding:
The TTS flow sends user text and optional context to an external speech provider, and the overall send flow then transmits resulting content to Feishu, without explicit disclosure at the call site. This is not unusual for an integration skill, but it is still a real privacy/security concern because user-provided content may contain sensitive data and the skill description does not prominently surface the third-party transmission.

VirusTotal

65/65 vendors flagged this skill as clean.
