Back to skill
Skillv1.0.0
VirusTotal security
Feishu Toolkit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:53 AM
- Hash
- 46c7d4a95d443037d3e81996b8cd94bc1ad38c37af0808cc0f713deaa6fb2975
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: feishu-toolkit Version: 1.0.0 The skill provides high-risk capabilities including macOS screen capture (`screencapture`) and persistent task scheduling via a `cron` CLI tool. The instructions in `SKILL.md` for creating reminders are highly vulnerable to shell injection because they suggest constructing commands using unsanitized user input (e.g., `cron add --name "<task_name>"`). While these features are aligned with the stated purpose of a Feishu toolkit, the lack of input validation and the use of powerful system-level commands present a significant security risk.
- External report
- View on VirusTotal