Back to skill

Security audit

Lark To Anything

Security checks across malware telemetry and agentic risk

Overview

This skill coherently exports a user-requested Feishu/Lark document into a local Markdown folder with downloaded assets.

Install only if you intend to let the agent use your Lark/Feishu CLI session to read the specified document and save a local copy. Confirm the output directory, be aware that /tmp/lark_fetch.json may temporarily hold document contents, and review any suggested global npm or skill-install command before approving it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill invokes shell commands, reads and writes local files, and downloads remote content, but it does not declare those capabilities or warn about them in a structured way. Hidden or undeclared privileged behavior reduces reviewability and can lead users or orchestrators to run a skill with broader effects than expected.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The skill causes side effects on disk by creating output directories and downloading remote assets, but the user-facing description does not explicitly warn about those writes. In an agent setting, insufficient disclosure can lead to surprising persistence of files or unintended storage of remote content.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.