Security audit

Feishu Group Chat Bot (飞书群聊机器人)

Security checks across malware telemetry and agentic risk

Overview

This Feishu chat automation skill is coherent, but it can send, schedule, and broadcast workplace group messages without enough documented safeguards.

Install only if you intentionally want a Feishu bot that can send, schedule, auto-reply, and broadcast to groups. Before using it, verify the bot account, allowed groups, approval flow, recipient preview, and how scheduled or automatic messages can be reviewed and cancelled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger phrases are very broad and overlap with ordinary collaboration requests such as reminders, notifications, and automatic replies. That makes unintended invocation plausible, which could cause the skill to send messages or configure automations in the wrong context, especially because this skill acts on group communications and scheduled actions.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill description promotes automated group messaging, approvals, notifications, and exporting poll results without any warning about privacy, consent, audience selection, or misuse risk. In a chat-automation context, missing safeguards increase the chance of accidental mass messaging, disclosure of internal data, or inappropriate processing of team responses and operational information.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.