novel-forge

Security checks across malware telemetry and agentic risk

Overview

Novel Forge is a disclosed file-backed novel workflow; its local reads, project writes, and multi-agent routing fit that purpose.

Install this if you want a managed, persistent novel-writing workflow. Before using it, be comfortable with it reading your OpenClaw model inventory, writing story state and chapters into a project directory, and sending selected story context to spawned model sessions when multi-agent mode is used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The prompt explicitly instructs the agent to read a specific file in the user's environment, `/root/.openclaw/openclaw.json`, before proceeding. This creates an unnecessary dependency on local filesystem access and can expose sensitive host configuration, credentials, endpoints, or model inventory details to the skill workflow, especially in a multi-agent setting where that data may be propagated further.

Vague Triggers

Medium
Confidence: 78%
Finding
The triggering language is broad enough to activate on common writing-related requests, which can cause the skill to engage unexpectedly and start file-backed orchestration or inventory/model-mapping flows when the user only wanted lightweight help. In this context, overbroad activation is more dangerous because the skill reads config, inspects runtime inventory, and manages persistent state.

VirusTotal

66/66 vendors flagged this skill as clean.
