Feishu Webhook

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Feishu webhook sender; it sends provided text to Feishu, which matches its stated purpose.

Install only if you want an agent or user command to post supplied content to Feishu. Verify the webhook points to the intended channel or DM, keep the webhook URL and secret out of source control, and do not pass secrets, personal data, or private reports unless they are meant to appear in that Feishu destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding
The README instructs users to send arbitrary Markdown content to an external Feishu webhook but does not clearly warn that message contents will leave the local environment and be transmitted to a third-party service. In an agent-skill context, this can lead to accidental disclosure of sensitive reports, secrets, or internal data because users may treat the skill as a local formatting utility rather than a networked exfiltration path.

Missing User Warnings

Medium
Confidence: 92%
Finding
The documentation instructs users to pipe arbitrary Markdown content into a script that sends it to a Feishu webhook, but it does not clearly warn that all provided content will leave the local environment and be delivered to an external third-party service. In agent settings, this creates a real risk of accidental data exfiltration if sensitive prompts, reports, or secrets are passed through the heredoc.

Missing User Warnings

Medium
Confidence: 84%
Finding
The script reads arbitrary stdin content and transmits it to a remote Feishu webhook with no confirmation, content classification, or warning that input will leave the local environment. In agent workflows, this can cause accidental disclosure of secrets, internal reports, or sensitive prompt/context data if upstream components pipe unreviewed content into the skill.

VirusTotal

66/66 vendors flagged this skill as clean.
