Lark Work Report

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Lark reporting helper that can verify or create a work group and post task summaries, with user confirmation built into the workflow.

Install this only if you want Codex to use your Lark MCP permissions to find or create the named work group and post task summaries there. Confirm the exact destination before sending, and avoid including secrets, credentials, customer data, or confidential artifacts unless that Lark group is appropriate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The playbook materially expands a reporting-only skill into one that can provision new Lark groups and resolve user identities. That broadens capability from posting task results to creating communication channels and handling identity data, which increases the chance of unauthorized messaging destinations, privacy issues, and misuse beyond the user's stated intent.

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
Resolving user IDs from email or mobile is not necessary for a simple reporting skill and introduces collection and processing of sensitive identifiers. In this context, it enables the agent to pivot from posting status updates to identifying specific people, which creates privacy and targeting risks if triggered without strong justification and consent.

Missing User Warnings

Medium
Confidence: 90%
Finding
The playbook instructs identity lookup by email or phone number without any warning about personal data handling, consent, or disclosure. Omitting privacy safeguards makes it more likely that operators or agents will perform lookups on personal identifiers casually, which is especially risky because the skill's stated purpose is merely reporting task results.

VirusTotal

66/66 vendors flagged this skill as clean.
