Security audit

OpenCawl

Security checks across malware telemetry and agentic risk

Overview

OpenCawl is a coherent phone-calling skill, but it can place real calls, collect personal data, and return recordings or transcripts without enough consent and privacy guidance.

Review before installing. Use this only when you are authorized to contact the recipient and to share the supplied context. Keep call goals minimal, avoid sensitive personal or confidential data, require explicit confirmation before each outbound call, secure the OpenCawl API key, and check call-recording and consent rules for the relevant jurisdictions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly enables outbound calls to third parties and allows arbitrary user-provided goal/context to be spoken during those calls, but it does not clearly warn that personal or sensitive information may be disclosed to call recipients. In a calling skill, this omission materially increases the risk of accidental privacy violations, unauthorized outreach, or sharing confidential lead/customer data.

Missing User Warnings

Medium
Confidence: 94%
Finding
The documented status response includes transcript content, recording URLs, summaries, and extracted personal data such as names, email addresses, and availability, but the skill description does not warn users that these artifacts may contain sensitive personal information. This can lead to insecure handling, oversharing in downstream agent workflows, or retention of regulated data without user awareness.

Missing User Warnings

Medium
Confidence: 83%
Finding
The skill enables outbound calling, call recording, transcript retrieval, and extraction of personal data like names and emails, yet provides no consent, privacy, or legal-use guidance. In a telephony context, this increases the risk of unlawful recording, non-consensual data collection, and unsafe deployment by downstream agents who may treat the capability as routine.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.