Back to skill

Security audit

Ride Insights

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built to fetch Gmail ride receipts, but it handles and stores sensitive travel and receipt email contents without clear consent and permission boundaries.

Install only if you are comfortable granting Gmail-related access and storing raw receipt email data locally. Review the script output path, delete exported files when done, and avoid using it on mailboxes containing sensitive receipts unless you can limit the query and protect the resulting JSON file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly requires sensitive capabilities—environment variable access, shell execution, file read/write, and network access to Gmail/OpenClaw Gateway—yet no explicit permissions are declared. This creates a trust and review gap: operators may approve or run the skill without understanding that it handles raw receipt emails, location history, and auth tokens, increasing the chance of unintended data exposure or over-privileged execution.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script aggregates and stores raw ride-receipt email data locally, including sender, subject, snippet, and HTML body content, without an explicit privacy warning or consent checkpoint at runtime. In the skill context, these messages can contain sensitive personal and financial data such as trip times, pickup/dropoff locations, pricing, and account identifiers, so silent local retention increases privacy and data exposure risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.