OpenClaw Daily Tips
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly does what its description claims (provide daily tips and store preferences), but its implementation contains insecure and incoherent details, most notably a hardcoded absolute path to another skill's script and the use of child_process.exec to run it, which could lead to unexpected code execution on, or outright failure on, a user's system.
What to consider before installing:
- Inspect the included script (scripts/openclaw-daily-tips.mjs) yourself. It executes 'node /home/adelpro/.../reddit-readonly.mjs' via child_process.exec. That absolute, user-specific path is likely a developer artifact and will either fail on your machine or, if present, execute whatever code lives at that path. Treat that as a risk: verify the target script's contents before allowing execution.
- If you want reddit integration, prefer verifying and installing a trusted reddit-readonly skill and update the script to call a relative or configurable path (or use an environment variable) rather than a hardcoded /home/adelpro path.
- Because the script uses exec() to run another Node script, a compromised or malicious replacement of that other script would run with your user's privileges. Only install skills from sources you trust and check that referenced scripts are legitimate.
- The skill stores data under its own data/ folder (saved-tips.json, preferences.json), which is expected; review file permissions if you store sensitive information in the same environment.
- If you want higher assurance: ask the publisher to remove the absolute path dependency, patch the script to detect and call a reddit-readonly installed in the current OpenClaw workspace (relative path), or add explicit configuration to opt into community feeds.
Confidence notes: my assessment is 'suspicious' rather than 'malicious' because the inconsistencies can be explained by sloppy developer artifacts (a hardcoded dev path) rather than clear intent to exfiltrate or harm. Additional information that would raise confidence to 'benign': the path being replaced with a workspace-relative or configurable lookup, or explicit checks that the external script is optional and safe. Additional information that would raise severity: discovery that the skill reaches out to remote endpoints or includes obfuscated code designed to fetch and execute remote payloads.
Static analysis
Static analysis findings are pending for this release.
VirusTotal
No VirusTotal findings
Risk analysis
No visible risk-analysis findings were reported for this release.
