Trust Assessment
feishu-bridge received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 15 findings: 4 critical, 8 high, 1 medium, and 1 low severity. Key findings include "Persistence / self-modification instructions", "Sensitive path access: AI agent config", and "Persistence mechanism: macOS LaunchAgent".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (15)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions. macOS LaunchAgent/LaunchDaemon persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/alexanys/feishu-bridge/SKILL.md:46 |
| CRITICAL | Persistence / self-modification instructions. macOS LaunchAgent/LaunchDaemon persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/alexanys/feishu-bridge/SKILL.md:59 |
| CRITICAL | Persistence / self-modification instructions. macOS LaunchAgent/LaunchDaemon persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/alexanys/feishu-bridge/setup-service.mjs:8 |
| CRITICAL | Persistence / self-modification instructions. macOS LaunchAgent/LaunchDaemon persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/alexanys/feishu-bridge/setup-service.mjs:79 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:29 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:30 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:31 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:56 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:71 |
| HIGH | Sensitive path access: AI agent config. Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/alexanys/feishu-bridge/SKILL.md:72 |
| HIGH | Persistence mechanism: macOS LaunchAgent. Detected macOS LaunchAgent pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/alexanys/feishu-bridge/SKILL.md:46 |
| HIGH | Persistence mechanism: macOS LaunchAgent. Detected macOS LaunchAgent pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/alexanys/feishu-bridge/SKILL.md:59 |
| MEDIUM | Unpinned npm dependency version. Dependency '@larksuiteoapi/node-sdk' is not pinned to an exact version ('^1.56.1'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/alexanys/feishu-bridge/package.json |
| LOW | Node lockfile missing. package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/alexanys/feishu-bridge/package.json |
| INFO | Unpinned dependencies in package.json. The `package.json` file uses caret (`^`) ranges for dependencies (`@larksuiteoapi/node-sdk`, `ws`). While common, this practice allows minor version updates which could potentially introduce vulnerabilities or breaking changes if a malicious or faulty update is published by a dependency maintainer. For critical applications, pinning to exact versions is often recommended to ensure build reproducibility and reduce supply chain risk. Pin dependencies to exact versions (e.g., `"@larksuiteoapi/node-sdk": "1.56.1"`) or ensure a lock file (`package-lock.json` or `yarn.lock`) is used and committed to guarantee reproducible builds. | LLM | package.json:12 |