Security audit

自定义多agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a user-invoked writing-agent template generator with scoped, disclosed persistence for reusable local templates.

Safe to install if you want reusable writing-agent templates. Review any generated SOUL.md changes before applying them, and only save or keep custom templates you trust because they can override built-in templates and shape future agent behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: The checklist and file-location guidance state that SOUL.md has been 'created/updated' and reference backup paths, which contradicts the skill metadata saying it only generates configurations and does not modify user files. This can mislead an agent or user into believing file writes are expected behavior, increasing the risk of unintended overwrite of a primary workspace configuration file.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill describes automatically saving generated content to a local path under ~/.openclaw/workspace/agent-templates/ without a strong, repeated user-consent warning at the point of action. Silent or insufficiently disclosed local file creation can lead to unexpected persistence of untrusted prompts or configurations that later influence agent behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.