Nova Letters

Security checks across malware telemetry and agentic risk

Overview

This is a simple local journaling skill, but its read command can escape the intended letters folder and expose other Markdown files.

Install only with caution. The journaling behavior is understandable, but the read command should be fixed to accept only validated dates and to ensure resolved paths stay inside `~/.openclaw/workspace/letters/`. Avoid storing secrets or highly sensitive personal/business details unless you are comfortable with plaintext local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly stores reflective letters in a persistent directory under the user's home folder, and the content is likely to contain sensitive personal thoughts, project details, or other private context. Failing to clearly warn users about persistent on-disk storage can lead to unintentional retention and later exposure through backups, shared machines, or other local access.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: nova-letters
description: Write reflective letters to your future self. Capture what matters across sessions.
---

# nova-letters
Confidence
90% confidence
Finding
Write reflective letters to your future self. Capture what matters across sessions. --- # nova-letters Write letters to your future self. For every session that wakes up not knowing what happened ye

VirusTotal

66/66 vendors flagged this skill as clean.
