ClawHub

Create Feishu Doc

Security checks across malware telemetry and agentic risk

Overview

This skill is a Feishu document-creation helper whose remote document-writing behavior matches its stated purpose, though users should confirm before sending sensitive content to Feishu.

Install this only if you want the agent to create or update Feishu documents. Confirm the target document, account/workspace, and content before use, and avoid sending secrets, regulated data, or confidential drafts unless your Feishu permissions and retention policies allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README encourages creating and populating Feishu documents but does not clearly disclose that user-provided content will be transmitted to an external Feishu service. In an agent skill context, missing outbound data-sharing disclosure can lead to unintentional exfiltration of sensitive prompts, drafts, or internal documents because users and integrators may not realize the content leaves the local system.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation rule says the skill must be used for essentially any request involving Feishu documents or compiling structured content, which is broad enough to trigger on common documentation tasks without clear user intent to send data to Feishu. In an automated agent environment, this can cause over-invocation of an external-writing skill and unnecessary transfer of sensitive content to a third-party platform.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger description is overly broad and can activate on generic writing or document-organization requests, causing the agent to route ordinary content into a Feishu document workflow without sufficiently clear user intent. In practice, this can lead to unintended transmission of user-provided text to an external service and unnecessary remote document creation, especially when requests mention structured writing but do not explicitly ask for Feishu.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill describes creating and appending user content into Feishu documents but does not warn that the content will be sent to Feishu via API and stored remotely. This is dangerous because users may provide sensitive drafts, internal plans, or proprietary text without understanding that the skill performs external data transfer and persistence.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The description mandates using this skill for a very wide range of requests, including generic document creation, reports, notes, articles, and novels, which can cause the agent to invoke it on many ordinary prompts unrelated to a narrowly scoped Feishu action. Overly broad activation increases the attack surface for unintended tool use, misrouting, and possible exfiltration of user content into an external document platform when the user did not clearly intend that outcome.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guide documents state-changing operations such as create, write, append, update, and delete against remote Feishu documents without explicitly warning that they modify persistent external data. In an agent skill context, this can cause users or downstream agents to invoke destructive or unintended actions without clear consent boundaries, increasing the risk of accidental overwrites or deletions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script collects arbitrary user-provided document content and is designed to send it to Feishu, but it does not present any explicit notice, confirmation, or data-sensitivity warning before transmission. In a document-generation skill, users may input confidential business, personal, or proprietary material, so silent transfer to an external SaaS increases the risk of unintended data disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal