ClawHub

飞书AI工作日报

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do its stated daily-report job, but it needs review because it reads multiple agents' private session logs and can automatically send summarized user messages to Feishu.

Install only in a workspace where team-wide reporting from agent session logs is intended and authorized. Before enabling scheduled runs, confirm which agents are included, what Feishu chat receives the report, who can read it, whether sensitive content is redacted, and whether a human can preview and approve reports before they are sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases are broad enough that normal conversation such as asking to 'generate a report' or mentioning 'work daily report' could invoke the skill unexpectedly. Because this skill reads session files and sends summarized content to Feishu, accidental invocation increases the chance of unauthorized collection and disclosure of user communications.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill instructs the agent to read conversation session files, extract user message content, save a report, and forward it to Feishu, but it does not provide any user-facing warning or obtain informed consent for this data handling. This creates a serious transparency and privacy failure because users may not realize their direct-message content is being harvested from logs and transmitted to a third-party messaging platform.

Ssd 3

High
Confidence
99% confidence
Finding
The skill explicitly directs the agent to harvest direct-message text from multiple agents' session logs, deduplicate it, compile it into a daily report, save it, and send it onward to Feishu. This is a direct natural-language data exfiltration path: private user communications are repurposed for aggregation and external sharing, potentially across users or agents, without clear authorization boundaries.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal