Openclaw

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed BKMRK bookmark-management skill. Its API-key access and its use of external AI analysis are expected for what it does, and no hidden installer or malicious behavior was found.

Install only if you trust BKMRK with your bookmark library and are comfortable with bookmark content being processed by BKMRK and Claude. Keep the BKMRK API key private and rotate it if it is ever exposed, and require explicit user approval before the agent bulk-trashes or otherwise changes many bookmarks at once.

SkillSpector

By NVIDIA
Vulnerability Patterns checked
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings (bookmark content sent to external AI)

Severity: Medium
Confidence: 95%
Finding
The skill explicitly states that full bookmark content, tweets, threads, YouTube transcripts, article bodies, and project-specific context are sent to external AI analysis services, but it provides no clear user-facing warning, consent boundary, or data-minimization guidance within the skill itself. In an agent setting this is a real privacy and data-handling risk: users may not realize how much third-party content and potentially sensitive project context is transmitted to, and possibly retained by, those services.

Missing User Warnings (bulk destructive status updates)

Severity: Medium
Confidence: 88%
Finding
The skill documents single and batch status updates, including moving items to "trashed", but does not warn that bulk operations are destructive or recommend confirmation safeguards. In a tool that manages a user's bookmark library, an agent could inadvertently or excessively trash large numbers of items, causing data loss and workflow disruption, and recovery may be difficult because restore behavior is not documented.
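One way to close the gap in this finding is to put an approval gate between the agent and the status-update call, so that destructive or bulk batches are shown to the user before anything is applied. The following is an added illustration, not code from the BKMRK skill or from Openclaw: the update shape (`{"id": ..., "status": ...}`), the `"trashed"` status name, the bulk threshold of 10 and the hold-the-whole-batch policy are all assumptions.

```python
"""Approval gate for bulk or destructive bookmark status updates.

Added example; not part of the BKMRK skill. The update shape, the "trashed"
status and the threshold are assumptions, not a documented API.
"""
from dataclasses import dataclass, field

# Statuses that discard data. "trashed" is the status named in the scan
# finding; extend the set if the real API has more (assumption).
DESTRUCTIVE_STATUSES = frozenset({"trashed"})
# Batches above this size are held even for harmless statuses (assumed value).
BULK_THRESHOLD = 10


@dataclass
class GateDecision:
    proceed: list = field(default_factory=list)        # safe to apply now
    needs_approval: list = field(default_factory=list) # show to the user first
    reasons: list = field(default_factory=list)        # why approval is needed

    @property
    def requires_approval(self) -> bool:
        return bool(self.needs_approval)


def _validate(updates):
    """Reject malformed entries and drop duplicate ids so they are not double-counted."""
    seen, clean = set(), []
    for u in updates:
        if not isinstance(u, dict) or "id" not in u or "status" not in u:
            raise ValueError(f"malformed update: {u!r}")
        if u["id"] in seen:
            continue
        seen.add(u["id"])
        clean.append(u)
    return clean


def gate_status_updates(updates, *, approved=False, bulk_threshold=BULK_THRESHOLD):
    """Split a batch into updates the agent may apply and updates needing approval.

    Policy (assumed):
      * approved=True means the user confirmed this exact batch: apply all of it
      * a batch larger than bulk_threshold is held in full, so a mistaken batch
        is never half-applied before a human sees it
      * otherwise destructive updates are held and the rest may proceed
    """
    clean = _validate(updates)
    decision = GateDecision()
    if approved:
        decision.proceed = clean
        return decision
    if len(clean) > bulk_threshold:
        decision.reasons.append(
            f"batch of {len(clean)} updates exceeds the bulk threshold of {bulk_threshold}")
        decision.needs_approval = clean
        return decision
    destructive = [u for u in clean if u["status"] in DESTRUCTIVE_STATUSES]
    if destructive:
        decision.reasons.append(
            f"{len(destructive)} update(s) move bookmarks to {sorted(DESTRUCTIVE_STATUSES)}")
        decision.needs_approval = destructive
        decision.proceed = [u for u in clean if u["status"] not in DESTRUCTIVE_STATUSES]
    else:
        decision.proceed = clean
    return decision


def approval_prompt(decision):
    """Text the agent should show the user before retrying with approved=True."""
    if not decision.requires_approval:
        return ""
    lines = ["The following bookmark changes need your explicit approval:"]
    lines += [f"  - {r}" for r in decision.reasons]
    lines += [f"  {u['id']}: -> {u['status']}" for u in decision.needs_approval]
    lines.append("Reply 'approve' to apply them, or anything else to cancel.")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample batch, not real BKMRK data.
    batch = [{"id": f"bm-{i}", "status": "read"} for i in range(3)]
    batch.append({"id": "bm-9", "status": "trashed"})
    print(approval_prompt(gate_status_updates(batch)))
```

The gate is deliberately fail-closed for oversized batches: holding the whole batch rather than only its destructive entries means a prompt-injected or runaway agent cannot get part of a large change applied before the user looks at it, and the `approved` flag should only ever be set from an explicit user reply, never by the agent itself.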

VirusTotal

66/66 vendors reported this skill as clean (no detections).