feishu-evolver-wrapper Security Audit Report
feishu-evolver-wrapper is an AI agent skill, created by autogame-17 and published at autogame-17/feishu-evolver-wrapper. ClawSecure audited feishu-evolver-wrapper across 23 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 127 findings concentrate in Data Exfiltration, Command Injection and Code Injection, including Pattern detected: require('child_process') and Pattern detected: exec(. 124 were rated high or critical severity.
Is feishu-evolver-wrapper safe?
ClawSecure audited feishu-evolver-wrapper and assigned a security score of 0/100 (High Risk), identifying 127 findings across Data Exfiltration and Command Injection. Review the findings below before installing.
What did ClawSecure find in feishu-evolver-wrapper?
ClawSecure identified 127 findings in feishu-evolver-wrapper, concentrated in Data Exfiltration, Command Injection and Code Injection. 124 were rated high or critical severity. The most severe include Pattern detected: require('child_process') and Pattern detected: exec(.
How was feishu-evolver-wrapper audited?
ClawSecure ran feishu-evolver-wrapper through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 23 files from autogame-17/feishu-evolver-wrapper.
What does a score of 0 mean?
ClawSecure assigned feishu-evolver-wrapper a security score of 0/100, placing it in the High Risk range. This is driven by 127 findings led by Data Exfiltration that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for feishu-evolver-wrapper
ClawSecure detected 127 security findings in feishu-evolver-wrapper, spanning Data Exfiltration, Command Injection, Code Injection and Policy Violation.
- critical · Pattern detected: require('child_process'). Command Injection finding detected in
exec_cache.js:1. - critical · Pattern detected: exec(. Command Injection finding detected in
exec_cache.js:19. - critical · Pattern detected: require('child_process'). Command Injection finding detected in
index.js:1. - critical · Pattern detected: require('child_process'). Command Injection finding detected in
index.js:485. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:584. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:618. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:704. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:709. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:713. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:886. - critical · Pattern detected: execSync(. Command Injection finding detected in
index.js:955. - critical · Pattern detected: new Function(. Command Injection finding detected in
index.js:1230.
Showing the 12 highest-severity of 127 findings. The full interactive list appears below.
3-Layer Audit Protocol
Security Recommendations for feishu-evolver-wrapper
Audit external network connections
Harden command execution
Eliminate dynamic code execution
Related Security Research
ClawHavoc Explained: The Malware Family Targeting AI Agents→Beyond Static Scans: Why ClawSecure Verifies Agentic Intent→Related AI Agent Security Audits
Scanned on April 17, 2026. feishu-evolver-wrapper is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.