Trust Assessment
feishu-post received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Unpinned npm dependency version", and "Suspicious `dotenv` package version (possible typosquatting)".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Suspicious `dotenv` package version (possible typosquatting). The `package.json` and `package-lock.json` files specify `dotenv` version `^17.2.3`. The legitimate `dotenv` package is currently maintained at `v16.x.x`. This significant version discrepancy strongly suggests a typosquatting attack or the use of a malicious package. Such a package could contain arbitrary code, leading to supply chain compromise, data exfiltration, or remote code execution. Replace `dotenv: "^17.2.3"` with the latest legitimate version (e.g., `dotenv: "^16.4.5"`). Verify the package source and integrity. Run `npm install` to update `package-lock.json` with the correct integrity hash and ensure no malicious code was introduced. | LLM | package.json:7 |
| HIGH | Arbitrary file read leading to data exfiltration. The `send.js` script allows reading arbitrary files from the local filesystem via the `--text-file` command-line argument. The content of the specified file is then read using `fs.readFileSync` and included in the message body sent to the Feishu API. An attacker can exploit this by providing a path to a sensitive file (e.g., `/etc/passwd`, `.env` files, SSH keys) to exfiltrate its contents through the Feishu message. Implement strict validation and sanitization for the `options.textFile` input. Restrict file access to a predefined, sandboxed directory, or require explicit user confirmation for reading files outside the skill's designated scope. If possible, remove the `--text-file` option if not strictly necessary, or implement a secure file upload mechanism instead of direct file path input. | LLM | send.js:30 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/autogame-17/feishu-post/SKILL.md:1 |
| MEDIUM | Unpinned npm dependency version. Dependency '@larksuiteoapi/node-sdk' is not pinned to an exact version ('^1.58.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/autogame-17/feishu-post/package.json |
Full report: https://skillshield.io/report/5c0d5c5a12eb6fcd