Back to skill

Security audit

Konto API

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed read-only helper for querying sensitive Konto financial data, with privacy cautions but no artifact-backed malicious or hidden behavior.

Install only if you trust the Konto service and publisher. Use a least-privilege or read-only personal API key, keep ~/.openclaw/secrets/konto.env private, avoid analytics scope unless needed, and ask the agent to fetch only the specific financial fields you want displayed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill provides ready-to-run commands that retrieve highly sensitive personal financial data, including balances, investments, loans, subscriptions, and categorized transactions, but it does not warn that the output may expose private financial information in agent logs, terminals, chat responses, or shared environments. In an agent-skill context, this increases the chance of inadvertent data disclosure because users or downstream systems may execute these examples without understanding the privacy implications.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The API reference documents endpoints that expose highly sensitive personal financial data and explicitly instructs users to load secrets and issue authenticated requests, but it provides no warning, consent guidance, or least-privilege handling advice. In an agent-skill context, this increases the chance that an automated system will access bank, investment, asset, and loan data without clear user awareness or privacy safeguards.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script automatically sources a local secret file and immediately uses the resulting API token to make authenticated requests to an external service, with no prompting, disclosure, or guardrails. In an agent-skill context, this is risky because invoking the skill can silently access sensitive financial data and transmit credentials-derived authority over the network, which may exceed user expectations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.