Feishu Screenshot

Security checks across malware telemetry and agentic risk

Overview

This skill clearly sends screenshots to Feishu, but it can capture the whole screen and transmit it from broad screenshot requests without a confirmation step or clear destination control.

Install only if you want an agent to capture your entire primary screen and send it to Feishu. Before use, close sensitive windows, make the Feishu recipient explicit, require confirmation before sending, and delete the local/workspace screenshot files afterward.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (89% confidence)
Finding
The trigger phrases include very generic requests like “截图” and “屏幕截图”, which can cause the skill to activate for ordinary screenshot requests even when the user did not intend to send anything to Feishu. In this skill, accidental activation is more dangerous because the workflow captures the full screen and proceeds toward exfiltrating the image to an external messaging platform.

Missing User Warnings

High (97% confidence)
Finding
The skill explicitly captures the entire primary screen and sends the resulting image to Feishu, but it provides no user confirmation, privacy warning, redaction guidance, or scope limitation. This creates a high risk of unintentionally disclosing sensitive information visible on screen, including credentials, personal data, internal documents, chats, or security-sensitive interfaces.

VirusTotal

64/64 vendors flagged this skill as clean.
