Trust Assessment
feishu-wiki received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Broad Write/Modify Permissions for Feishu Wiki, Potential Data Exfiltration via Feishu Document Access, and Dependency on `feishu_doc` for Core Functionality.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 18, 2026 (commit b62bd290). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Broad Write/Modify Permissions for Feishu Wiki.** The `feishu_wiki` tool, especially when combined with the `feishu_doc` tool, grants extensive write and modification capabilities within Feishu Wiki spaces. Actions like `create`, `move`, `rename` nodes, and the ability to obtain `obj_token` for document editing via `feishu_doc`, allow the agent to alter, create, and reorganize potentially sensitive company knowledge base content. This broad access could lead to data integrity issues, unauthorized content creation, or disruption of information architecture if misused or compromised. Implement granular permissions for the agent, separating read-only access from write/modify capabilities. Require explicit user confirmation for any destructive or modifying actions (create, move, rename, write). Consider having separate tools or tool instances with different permission scopes (e.g., `feishu_wiki_readonly` and `feishu_wiki_write`). Ensure that the underlying Feishu API permissions (`wiki:wiki`) are configured with the principle of least privilege. | LLM | SKILL.md:39 |
| HIGH | **Potential Data Exfiltration via Feishu Document Access.** The `feishu_wiki` tool allows navigation and retrieval of `obj_token` for any node within accessible Feishu Wiki spaces. The documentation explicitly states that this `obj_token` can then be used by the `feishu_doc` tool to 'read/write the document'. This creates a direct path for the agent to read the content of any document in the Feishu Wiki, potentially leading to the exfiltration of sensitive company information if the agent is compromised or misused. The combined functionality effectively grants read access to the entire wiki content. Implement strict access controls and user consent mechanisms for reading document content. Ensure that the `feishu_doc` tool, when used in conjunction with `feishu_wiki`, has its permissions scoped as narrowly as possible. Consider requiring explicit user approval for reading specific documents or categories of documents, especially those marked as sensitive. Regularly audit access logs for unusual document read patterns. | LLM | SKILL.md:67 |
| INFO | **Dependency on `feishu_doc` for Core Functionality.** The `feishu_wiki` skill explicitly states a dependency on the `feishu_doc` tool for reading and writing wiki page content. This means the security posture of `feishu_wiki` is directly tied to that of `feishu_doc`. Any vulnerabilities or excessive permissions in `feishu_doc` will directly impact the overall security of the `feishu_wiki` skill, particularly regarding data access and modification. Ensure that the `feishu_doc` tool is thoroughly reviewed for security vulnerabilities and excessive permissions. Its configuration should align with the principle of least privilege, especially given its critical role in handling document content. The combined security implications of both tools should be considered during deployment and ongoing management. | LLM | SKILL.md:77 |