Info Magnet

Security checks across malware telemetry and agentic risk

Overview

Info Magnet appears to do what it says: it monitors user-configured topics, RSS feeds, and URLs, stores local state, and does not show deceptive or destructive behavior.

Install only if you are comfortable with it storing monitored topics, feed URLs, seen URLs, and digests locally under ~/.openclaw/memory. Be careful adding private URLs, internal services, or sensitive research topics, especially if agents run scheduled heartbeat scans or share/sync the home directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation describes capabilities that read and write local files under ~/.openclaw/memory and fetch external content via web, RSS, and URL monitoring, but the metadata declares no corresponding permissions. This creates a transparency and consent gap: an agent or platform may treat the skill as lower risk than it actually is, while the skill persists user interests and contacts external resources.

Missing User Warnings (Low)

Confidence: 83%
Finding: The skill persists monitored topics, seen URLs, and generated digests, but the user-facing description does not clearly warn that this data is stored over time. Even if the data seems routine, topics and monitored URLs can reveal sensitive interests, projects, or research areas, creating avoidable privacy risk on shared or synced systems.

VirusTotal

66/66 vendors flagged this skill as clean.
