Security audit

Document Hub

Security checks across malware telemetry and agentic risk

Overview

Document Hub is a coherent PRD template generator with optional user-invoked Feishu publishing, but users should review privacy and security defaults before using it for sensitive documents.

Install only if you are comfortable generating PRDs locally and optionally sending the generated title and markdown to Feishu. Do not use Feishu upload for confidential, regulated, or customer-sensitive PRDs unless your organization approves it, and revise the API template to avoid tokens in URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding: The skill promotes one-click Feishu upload but does not warn that generated PRD content will be transmitted to an external third-party service. PRDs often contain sensitive product plans, internal architecture, API details, or customer/business information, so users may unknowingly exfiltrate confidential data.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The CLI example enables `--feishu` document creation without explaining that the input JSON and rendered PRD content may be uploaded to Feishu. This creates a realistic risk of accidental disclosure because users may treat the command as a local generation step rather than an external transmission action.

Missing User Warnings

Severity: Medium
Confidence: 96%

Finding: The Feishu integration section shows direct API usage to create remote documents but omits any notice that the generated markdown content is sent to an external platform. Because the examples involve product requirement documents, the context makes the omission more dangerous: these documents commonly include proprietary strategy, roadmap, model prompts, API endpoints, and internal operational details.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding: The template offers an 'Autonomous' mode where AI can act on its own, but it does not require an explicit warning that such actions may affect systems, data, or external resources. In a PRD template, this omission can normalize unsafe product designs and lead teams to ship autonomous behavior without adequate user consent, guardrails, or approval checkpoints.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The template defines a fallback state as a 'silent switch' and describes graceful degradation without requiring users to be informed when behavior changes. Silent fallback can hide material differences in model quality, decision logic, or data handling, causing users to trust outputs they would have evaluated differently if they knew the system had degraded or switched to a backup path.

Missing User Warnings

Severity: Medium
Confidence: 97%

Finding: The template explicitly recommends passing a WebSocket token in the query string, which is commonly exposed in logs, browser history, intermediaries, and monitoring systems. Even over WSS, query parameters are more likely to be retained or leaked than headers or post-connect authentication messages, increasing credential disclosure risk.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.