Security audit

Pitch

Security checks across malware telemetry and agentic risk

Overview

This pitch-coaching skill is local-only and broadly coherent, but it can generate unsourced business claims and silently saves meeting details when drafting follow-ups.

Install only if you are comfortable storing pitch foundations, objections, and meeting details locally in OpenClaw memory. Before using any generated pitch, replace or remove all traction, market, team, fundraising, customer, and credential claims unless they are verified facts for your company. Treat follow-up drafts as templates and remember that running the follow-up script will retain meeting metadata locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89%
Finding
The skill instructs the agent to read and write local files under `memory/pitch/` and to use local scripts for data operations, but it does not declare any permissions. This creates a mismatch between the skill's stated capability surface and its actual behavior, which can undermine sandboxing, consent, auditing, and policy enforcement around filesystem access.

Description-Behavior Mismatch

Medium
Confidence
98%
Finding
The script inserts specific traction, market size, team pedigree, and fundraising claims that are not derived from the stored foundation data, causing it to generate materially false business representations by default. In a pitch-coaching skill, this is especially dangerous because users may present these statements to investors, customers, or partners as factual, creating fraud, legal, reputational, and trust risks.

Description-Behavior Mismatch

Medium
Confidence
93%
Finding
The script advertises drafting a follow-up email, but it also persistently stores meeting metadata such as company name, meeting type, discussion points, and next steps in a local memory file without explicit user consent or clear necessity. This creates an undisclosed data-retention behavior that can expose sensitive business relationship and pipeline information if the local workspace is accessed by other tools, users, or compromised processes.

Context-Inappropriate Capability

Medium
Confidence
87%
Finding
The code establishes a persistent meeting-history store in a hidden workspace path even though the visible function of the script is simply generating draft follow-up emails. In the context of a pitch-coaching skill, meeting records may contain confidential investor, customer, or partnership information, so collecting and retaining them beyond the immediate task increases privacy and confidentiality risk without strong justification.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.