Plans & Todos

Security checks across malware telemetry and agentic risk

Overview

This is a simple local plans-and-todos helper that clearly stores task information in a markdown file. It carries the ordinary privacy and accidental-update considerations of any such file.

Install this if you want a persistent local plans-and-todos memory. Avoid putting passwords, API keys, or highly sensitive personal information in the file, and ask the agent to confirm before adding new long-term plans or marking ambiguous tasks complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description and trigger conditions are broad enough to match common conversational topics like goals, tasks, and plans, which increases the chance of unintended activation. Because this skill can read and write a persistent local memory file, accidental invocation could cause unauthorized or surprising data persistence and modification even without clear user intent.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly instructs the agent to maintain a file under ~/.openclaw/workspace/memory/plans-todos.md and create the memory directory if missing, but it does not require clear user notice or consent before persisting data locally. In context, this is more dangerous because the writes affect durable user memory and may capture personal plans or behavior over time without the user realizing a local state change occurred.

VirusTotal

66/66 vendors flagged this skill as clean.
