Auwomo Message

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed Feishu/Lark private-message helper, but users should verify recipient and text before sending real organization messages.

Install only if you trust the local auwomo and lark-cli tools and the configured bot account. For important messages, ask the agent to run dry-run first and confirm the exact recipient and message text before sending.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list includes very generic English terms such as "message" and "send", which can match many unrelated user requests and cause unintended skill activation. In a messaging skill, accidental invocation is security-relevant because it may lead to sending notifications or private messages to organizational members when the user did not intend to use this capability.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger examples are broad enough that ordinary conversational phrases like '通知某人某件事' or '发给 xxx：...' could activate a message-sending skill without a clearly constrained intent check. In a skill that causes outbound communication to real organization members, ambiguous activation increases the risk of unintended message delivery, social engineering assistance, or misuse from loosely matched user prompts.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal