Tripit Calendar

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it reads a user-provided TripIt calendar feed and summarizes upcoming travel, but that feed contains sensitive itinerary details.

Install only if you are comfortable letting the agent read and summarize your private TripIt itinerary. Keep TRIPIT_ICAL_URL secret: the feed URL is a bearer credential, so anyone who obtains it can fetch the full itinerary without a password. Regenerate the TripIt feed URL if it is ever exposed, and review outputs before sharing them, because summaries and logs may include future travel dates, lodging, transportation, and locations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%

Finding: The skill documentation indicates capabilities to read environment variables, read local files, and access the network, but it declares no corresponding permissions. This is a transparency and policy-enforcement gap: reviewers and runtime controls cannot see from the declaration alone that the skill can fetch a private TripIt feed and read local env files containing sensitive data, so they cannot scope or deny those accesses.

Context-Inappropriate Capability

Severity: Medium
Confidence: 97%

Finding: The skill instructs the implementation to fall back to directly reading ~/.openclaw/.env for TRIPIT_ICAL_URL, which expands access beyond the declared input channel and encourages direct secret-file access. Because the TripIt iCal URL is effectively a bearer secret (anyone holding the URL can fetch the private travel data), reading it from a general env file increases the risk of unintended secret exposure, and a skill that opens that file can read every other secret stored in it, not just its own.

Missing User Warnings

Severity: Medium
Confidence: 88%

Finding: The skill handles a private TripIt iCal feed containing sensitive itinerary details such as future travel dates, destinations, lodging, and transport bookings, but the documentation does not warn users that invoking the skill may surface this information in agent output. The omission matters here because travel plans are highly sensitive: a summary that lands in a shared transcript, a log, or a downstream tool call exposes where the user will be and when.
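The handling the two findings above call for, as an added example that is not the Tripit Calendar skill's own code nor anything produced by SkillSpector: the feed URL is read only from the declared input channel (the process environment), with no fallback to ~/.openclaw/.env; every summary line is scrubbed of the feed URL and its token before it can reach the agent transcript or a log; and locations are withheld unless the user opts in. The feed URL layout, the token, and the ICS content are constructed samples, and the rule that treats any long opaque path segment of the URL as the bearer token is an assumption of this example, not TripIt's documented format.

```python
import os
import re
from datetime import datetime, timezone
from typing import Dict, List, Mapping, Optional

SECRET_VAR = "TRIPIT_ICAL_URL"

# Constructed sample: the path layout and the token are made up for the example.
SAMPLE_FEED_URL = ("https://www.tripit.com/feed/ical/private/"
                   "0123456789ABCDEFabcdef-EXAMPLETOKEN/tripit.ics")
# Constructed sample feed. The DESCRIPTION is folded across two lines (RFC 5545
# line folding) and embeds the feed URL, to show the redaction path.
SAMPLE_ICS = """BEGIN:VCALENDAR
VERSION:2.0
BEGIN:VEVENT
UID:flight-1@example.invalid
DTSTART:20260314T071500Z
SUMMARY:Flight SFO to LIS
LOCATION:San Francisco International Airport
DESCRIPTION:Booking ref ABC123\\nFeed: https://www.tripit.com/feed/ical/
 private/0123456789ABCDEFabcdef-EXAMPLETOKEN/tripit.ics
END:VEVENT
BEGIN:VEVENT
UID:hotel-1@example.invalid
DTSTART;VALUE=DATE:20260315
SUMMARY:Hotel check-in
LOCATION:Rua Exemplo 1\\, Lisboa
END:VEVENT
BEGIN:VEVENT
UID:old-1@example.invalid
DTSTART:20250101T100000Z
SUMMARY:Past trip
END:VEVENT
END:VCALENDAR
"""
NOW = datetime(2026, 1, 1, tzinfo=timezone.utc)  # fixed "today" for the demo


class MissingSecret(RuntimeError):
    """The declared input channel does not carry the feed URL."""


def load_feed_url(env: Optional[Mapping[str, str]] = None) -> str:
    """Read the feed URL from the process environment and nowhere else.
    Deliberately no fallback to ~/.openclaw/.env: opening a shared secrets
    file grants access to every other secret stored there."""
    env = os.environ if env is None else env
    url = (env.get(SECRET_VAR) or "").strip()
    if not url:
        raise MissingSecret(f"{SECRET_VAR} is not set; configure it through "
                            "the declared channel, do not read .env files")
    if not url.startswith("https://"):
        raise ValueError("feed URL must use https; it is a bearer secret")
    return url


# Assumption of this example: any long opaque path segment is the bearer token.
_TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{20,}")


def redact(text: str, feed_url: str) -> str:
    """Scrub the feed URL, and its token even when it appears on its own."""
    out = text.replace(feed_url, f"[REDACTED {SECRET_VAR}]")
    for token in _TOKEN_RE.findall(feed_url):
        out = out.replace(token, "[REDACTED]")
    return out


def _unfold(ics: str) -> List[str]:
    """Join RFC 5545 continuation lines (leading space or tab)."""
    lines: List[str] = []
    for raw in ics.splitlines():
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def _unescape(value: str) -> str:
    """Undo ICS text escaping (backslash-n, comma, semicolon, backslash) in one pass."""
    return re.sub(r"\\([\\;,nN])",
                  lambda m: "\n" if m.group(1) in "nN" else m.group(1), value)


def parse_events(ics: str) -> List[Dict[str, str]]:
    """Minimal VEVENT parser: property name (parameters dropped) -> text."""
    events: List[Dict[str, str]] = []
    current: Optional[Dict[str, str]] = None
    for line in _unfold(ics):
        if line == "BEGIN:VEVENT":
            current = {}
        elif line == "END:VEVENT" and current is not None:
            events.append(current)
            current = None
        elif current is not None and ":" in line:
            name, value = line.split(":", 1)
            current[name.split(";", 1)[0].upper()] = _unescape(value)
    return events


def _start(event: Dict[str, str]) -> Optional[datetime]:
    """DTSTART as an aware UTC datetime; all-day dates count as 00:00Z."""
    raw = event.get("DTSTART", "")
    for fmt in ("%Y%m%dT%H%M%SZ", "%Y%m%dT%H%M%S", "%Y%m%d"):
        try:
            return datetime.strptime(raw, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    return None


def summarize(ics: str, feed_url: str, now: datetime,
              include_locations: bool = False) -> List[str]:
    """Upcoming events as one redacted line each, in date order. Lodging and
    airport locations are withheld unless the user opts in."""
    rows: List[str] = []
    for event in parse_events(ics):
        when = _start(event)
        if when is None or when < now:
            continue
        line = f"{when:%Y-%m-%d} {event.get('SUMMARY', '(untitled)')}"
        if include_locations and event.get("LOCATION"):
            line += f" @ {event['LOCATION']}"
        if event.get("DESCRIPTION"):
            line += " - " + "; ".join(event["DESCRIPTION"].splitlines())
        rows.append(redact(line, feed_url))  # never emit an unscrubbed line
    return sorted(rows)


def demo(include_locations: bool = False) -> List[str]:
    """Run the summarizer over the constructed sample with the fixed NOW."""
    return summarize(SAMPLE_ICS, SAMPLE_FEED_URL, NOW, include_locations)


if __name__ == "__main__":
    for row in demo():
        print(row)
```

In a real deployment `load_feed_url()` would be followed by an HTTPS fetch of the URL it returns; the fetch is omitted here so the block runs offline, and the sample feed stands in for the response. The point of the design is that the secret has exactly one entry path and that redaction happens at the boundary where text leaves the skill, not in whatever component later decides to log it.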

VirusTotal

0 of 66 vendors flagged this skill; all 66 returned a clean result. Note that an antivirus verdict covers known malicious code only and says nothing about the agentic findings above (undeclared permissions, secret-file access, and itinerary disclosure), which are behaviours of a skill that is working as written.
