Feishu Attachment Send

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Feishu attachment-sending workflow guide with no executable code, but users should be careful about recipient, file path, and media root scope.

Install this only if you want Feishu attachment workflow guidance. Before any send, confirm the exact recipient, channel, and file path, and keep mediaLocalRoots limited to intended workspace directories rather than broad temporary locations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill repeatedly instructs the agent to 'strongly prefer' or 'usually' select this workflow for a wide range of Feishu file-related situations, without sufficiently limiting when it should defer to more specific or higher-priority skills. This can cause inappropriate over-selection, leading the agent to route normal conversations through an attachment-sending workflow even when no file send is needed, increasing the chance of mistaken tool use or mis-delivery.

Vague Triggers

Low

Confidence: 86% confidence
Finding: The trigger section lists many positive activation cases but provides no concrete boundaries for when the skill should not activate. In a skill-routing system, vague triggers can bias selection toward this skill in routine Feishu conversations, causing unnecessary use of file-send logic and increasing operational error risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal