Knowledge Organizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed knowledge-base organizer that writes or syncs user-selected notes, with no artifact evidence of hidden exfiltration or destructive behavior.

Install only if you want this agent to read your selected knowledge-base folders, write notes/assets under your vault, and upload chosen note content to Feishu or Tencent IMA. Keep `OPENCLAW_KB_ROOT` scoped to the intended vault, provide IMA credentials only when using IMA sync, and leave custom endpoint variables unset unless you explicitly trust that destination.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill advertises and instructs use of sensitive capabilities including environment variables, local file reads/writes, shell execution, and network-integrated sync targets, but the metadata does not declare any explicit permissions model. That mismatch reduces transparency and enforcement, making it easier for a host or user to invoke a skill that can access secrets, modify local knowledge-base files, and send content to external services without clear permission boundaries.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal