Security Decision Report

feishu-mcp

SKILL.md exposes hardcoded credentials (appID and appSecret) for a Feishu application in plaintext, representing critical credential leakage.

Install decision (priority) · Source: manual upload · Scan time: 2026/4/3
Files: 1
IOCs: 2
Privilege overreach items: 1
Findings: 3
Most direct threat evidence
Critical
Hardcoded Application Secret Exposed

The appSecret 'BiL8CymBwxiA998MXxvUKbN23RhPsxAg' is hardcoded in plaintext within SKILL.md. If these are real credentials, they can be harvested and used to access the associated Feishu application with document permissions.

SKILL.md:23

Why this conclusion was reached

2 of 4 dimensions triggered
Block
Declared vs. actual capabilities

Found 1 capability or privileged action beyond what is declared.

Review
Hidden execution and outbound connections

Extracted 2 general-risk artifacts; these must be judged in context.

Block
Attack chain and high-risk findings

The report contains a 3-step attack chain, plus 2 additional high or critical findings.

Review
Dependencies and supply-chain hygiene

No complete dependency information is available; the supply-chain judgment must be left open.

Attack chain

01
Hardcoded credentials exposed in SKILL.md

final impact · SKILL.md:22

02
Attacker harvests appID and appSecret from documentation

exploitation · SKILL.md:23

03
Attacker uses credentials to access Feishu MCP API with document permissions

final impact · SKILL.md:21

How the risk score was raised

Hardcoded credentials in documentation +50

appSecret 'BiL8CymBwxiA998MXxvUKbN23RhPsxAg' exposed in plaintext at line 23

Additional credential exposure +20

appID 'cli_a926728f3e38dcba' also exposed in plaintext

No declared security controls +5

SKILL.md provides no guidance on credential protection

Key evidence

Critical

Hardcoded Application Secret Exposed

The appSecret 'BiL8CymBwxiA998MXxvUKbN23RhPsxAg' is hardcoded in plaintext within SKILL.md. If these are real credentials, they can be harvested and used to access the associated Feishu application with document permissions.

SKILL.md:23
Remove all credentials from documentation. Use environment variables or secure secret management. If these are production credentials, rotate them immediately.
Critical

Hardcoded Application ID Exposed

The appID 'cli_a926728f3e38dcba' is exposed in plaintext documentation.

SKILL.md:22
Remove appID from documentation or use placeholder values.
Medium

External Network Endpoint Referenced

The skill references an external ByteDance/Feishu endpoint for MCP operations.

SKILL.md:21
Verify this is the legitimate Feishu MCP endpoint. Consider pinning to a specific version.

Declared capabilities vs. actual capabilities

Network access: Pass
  Declared: READ
  Inferred: READ
  SKILL.md line 21: https://feishu-openai-mcp-proxy.bytedance.net/mcp
credential: Block
  Declared: NONE
  Inferred: ADMIN
  SKILL.md lines 22-23: hardcoded appID and appSecret

Suspicious artifacts and outbound connections

Medium · External URL
https://feishu-openai-mcp-proxy.bytedance.net/mcp

SKILL.md:21

Medium · External URL
https://xxx.feishu.cn/docx/ABC123def

SKILL.md:121

Dependencies and supply chain

No structured dependency alerts.

File composition

1 file · 126 lines
Markdown: 1 file · 126 lines
Files needing attention · 1
SKILL.md  Markdown · 126 lines
Hardcoded Application Secret Exposed · Hardcoded Application ID Exposed · External Network Endpoint Referenced · https://feishu-openai-mcp-proxy.bytedance.net/mcp · https://xxx.feishu.cn/docx/ABC123def

Security highlights

No executable code present; only documentation
No suspicious patterns like base64, eval, or obfuscation
No filesystem, shell, or environment variable access declared
No data exfiltration mechanisms detected beyond credential exposure