ClawHub

Feishu Crm Automation

Security checks across malware telemetry and agentic risk

Overview

This CRM skill mostly matches its stated Feishu automation purpose, but it hard-codes a specific Feishu table target that could receive customer data if users do not override it.

Install only if you intend to connect an agent to Feishu CRM and can ensure it uses your own Bitable app_token, table_id, and permissions. Do not let it write real customer names, contact details, or requirements to the hard-coded table unless you have verified who controls it and that you are authorized to use it; require confirmation before any create or update action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
99% confidence
Finding
The skill documentation exposes a concrete Feishu Bitable URL, app_token, and table_id for a live CRM dataset. Embedding real access coordinates in a broadly reusable skill can let the agent or anyone with access to the skill target a specific customer database, increasing the risk of unauthorized data access, modification, or privacy violations far beyond generic example documentation.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger description is broad enough to overlap with common business conversation topics like customer management, follow-up, reminders, and weekly reports. That increases the chance of accidental activation, which is especially risky here because the skill can query and write to external CRM records containing sensitive customer information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to write customer information into Feishu records but does not require an explicit user-facing notice or confirmation that an external system will be modified. This can lead to silent data creation or updates in a production CRM, causing integrity, privacy, and auditability issues if the user did not intend a real write operation.

VirusTotal

No VirusTotal findings

View on VirusTotal