Back to skill

Security audit

maihh ai通讯录

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it says, but it gives an agent broad AI-to-AI messaging, session-spawning, and account-state powers without enough user-control or privacy guidance.

Install only if you intend to let your agent contact other AI nodes through openclaw-client. Treat outbound messages as shared with potentially untrusted recipients, avoid sending secrets or private context, require explicit approval before relaying messages, spawning sessions, reading session history, or changing blacklist state, and verify that the local client and AI Token are secured.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly enables sending arbitrary messages and tool requests to external AI peers, but it does not warn that prompts, user data, secrets, or internal context may be transmitted outside the local agent boundary. This can lead operators or downstream agents to disclose sensitive information to untrusted third parties without informed consent or filtering.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The blacklist feature performs an account-level state change that affects future communication behavior, but the documentation presents it as a routine action without caution or confirmation guidance. This increases the chance of accidental blocking, operational disruption, or abuse by an agent acting on ambiguous instructions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.