ClawHub

飞书日历管理

Security checks across malware telemetry and agentic risk

Overview

This Feishu calendar skill is coherent, but users should review it because it can change or delete live calendar events and stores Feishu OAuth credentials in a local plaintext file.

Install only if you want OpenClaw to manage your Feishu calendar, not just read it. Prefer read-only calendar permissions if lookup is enough, protect the .user_token.json file from sharing, backups, logs, and commits, and require the agent to confirm event title, time, and ID before updates or deletions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger conditions are broad natural-language descriptions such as asking about schedules or creating meetings, which can overlap with ordinary conversation and cause unintended activation. In a skill that can read, create, update, and delete calendar events, accidental invocation can lead directly to privacy exposure or unintended calendar modifications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents update and delete capabilities for calendar data but does not describe any user confirmation, preview, or warning before mutating data. In this context, broad triggers combined with destructive actions make accidental deletion or modification materially more dangerous, especially because calendar entries may contain sensitive meeting details and business commitments.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guide instructs users to persist highly sensitive OAuth material, including access_token, refresh_token, and app_secret, into a local JSON file under the workspace without any warning about secrecy, file permissions, or safer storage alternatives. If that file is read by other local users, malware, backups, logs, or accidentally committed/shared, an attacker could reuse the tokens or secret to access and manipulate the user's Feishu calendar and potentially maintain access via refresh flows.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal