Daily Summary

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow daily-summary helper that reads local OpenClaw usage stats and writes a dated summary file, with no evidence of hidden or destructive behavior.

Install only if you want daily summaries saved into your OpenClaw workspace. Before using it, check whether that day's `memory/YYYY-MM-DD.md` already contains notes you care about, and inspect any separate `cron_daily_summary.py` automation before running it because this package references that script but does not include it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly creates or updates a file under the user's workspace (`memory/YYYY-MM-DD.md`) but does not warn the user that invoking the skill will modify local files. Silent workspace writes can surprise users, overwrite prior notes, or be abused to persist misleading content in a trusted location. In this context the write target is constrained and appears related to the stated functionality, so the issue is transparency and consent rather than obviously malicious behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal