Feishu Report Summary

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it can use stored Feishu credentials to pull and export sensitive workplace report contents with limited built-in safeguards.

Install only if you trust the publisher and are comfortable letting an agent use your Feishu/OpenClaw credentials to read report data. Before running it, confirm the Feishu account, date range, rule/user filters, and output path; avoid exporting raw reports to shared temp locations, and review any summary before posting it to a chat or document.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly instructs the agent to read Feishu credentials from ~/.openclaw/openclaw.json and call the Feishu Report API, but it does not require any user-facing notice, confirmation, or minimization of sensitive data handling. Because work reports can contain internal business information and the skill automates credential-backed access, this creates a meaningful risk of silent data access and transmission beyond what a user may expect.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The script retrieves Feishu report tasks and exports rich report content, including employee names, user IDs, department names, recipients, and report field contents, to stdout or an arbitrary file path without any masking, minimization, or sensitivity warning. In the context of a reporting/summary skill, this creates a real data exposure risk because work reports often contain confidential business updates and personal information, and the tool is explicitly designed to exfiltrate that data into external artifacts.

Session Persistence

Medium

Category: Rogue Agent
Content: node scripts/fetch_report_tasks.js --days 7 --rule-name "研发团队工作日报" --format markdown ``` Write the export to a file for later review: ```bash node scripts/fetch_report_tasks.js --date 2026-03-14 --output /tmp/feishu-report.md
Confidence: 90% confidence
Finding: Write the export to a file for later review: ```bash node scripts/fetch_report_tasks.js --date 2026-03-14 --output /tmp/feishu-report.md ``` ## Script Notes - The script reads Feishu credentials fr

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal