feishu-cron-reminder

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Feishu reminder skill that creates scheduled OpenClaw cron messages, with some user-control and privacy cautions but no hidden code or unrelated access.

Install this only if you want OpenClaw to create Feishu reminder cron jobs. Before approving any reminder, verify the recipient, timezone, recurrence, and message text, especially for group chats or recurring jobs, and periodically remove old reminders you no longer need.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 84%
Finding
The README uses natural-language examples like directly telling the AI to set reminders, but it does not clearly distinguish activation phrases from ordinary conversation. In a chat environment, broad phrasing can cause accidental invocation or mis-triggering, which may create unintended scheduled jobs or send messages without the user's explicit intent.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README says reminders will be pushed to Feishu users or groups, but it does not explicitly warn that the reminder content itself will be transmitted to external recipients on Feishu. Users may unknowingly include sensitive information in reminder text, leading to unintended disclosure to individuals or group chats.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding
Defaulting all reminders to Asia/Shanghai without explicit user opt-in can cause reminders to fire at the wrong real-world time for users in other regions. In a scheduling skill that automates outbound messaging, this can lead to missed meetings, premature disclosures, or messages being sent at inappropriate hours.

Vague Triggers

Medium
Confidence: 89%
Finding
The activation examples are broad enough to trigger on ordinary reminder phrases, which can cause the skill to activate in contexts where the user did not clearly intend to create a persistent Feishu cron task. In this skill, activation leads to creation of scheduled jobs that later send messages to users or groups, so accidental triggering can produce unintended automated actions rather than a harmless response.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill documentation does not clearly warn users that invoking it will create persistent scheduled tasks and automatically send messages to Feishu users or groups. This reduces informed consent and increases the risk of users unintentionally authorizing recurring outbound communications, especially to group channels where the blast radius is larger.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
Hardcoding Asia/Shanghai and presenting it as required can cause scheduled messages to fire at unintended times for users in other regions. In a scheduling skill that sends automated external messages, incorrect timezone handling can lead to mistimed or embarrassing notifications, though this is more of a safety and reliability issue than a direct security compromise.

VirusTotal

64/64 vendors flagged this skill as clean.
