Back to skill

Security audit

Promarkia – AI Marketing Automation API

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Promarkia client, but it can run paid automations that post through connected accounts and recur without documented approval safeguards.

Install only if you intentionally want OpenClaw to operate Promarkia with your API key and connected accounts. Use the least-privileged accounts possible, review prompts and outputs before enabling publish-capable tasks, monitor credit usage, and regularly list or remove cron jobs for recurring automations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The manifest frames the tool as a marketing automation client, but the available squads include email/calendar productivity, coding/debugging, and data analysis. That scope expansion makes the skill materially more dangerous because a user or orchestrator may approve it for low-risk marketing tasks while it can actually initiate much broader workflows and data processing through the external service.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly instructs users to connect social, publishing, and lead-generation integrations and states that Promarkia may post on the user's behalf, but it does not include a clear warning to review prompts/output before automated publication. In a skill whose core purpose is running marketing automation and scheduled posting, this omission increases the risk of unintended or harmful content being published through connected accounts.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The description uses very broad invocation language such as 'use when asked to run a Promarkia task' and references many categories of work. In an agent environment, this increases the chance of over-triggering the skill for generic requests, leading to unintended external API calls, credit consumption, or actions via connected accounts.

Missing User Warnings

High
Confidence
93% confidence
Finding
The setup text mentions connecting LinkedIn, X, Reddit, and similar accounts but does not clearly warn that the skill may publish or automate outbound actions on those accounts. In this context, that omission is dangerous because the skill is specifically designed to run social/media squads against connected integrations, making accidental or unauthorized posting a realistic risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The recurring cron examples normalize unattended repeated execution without warning that each run can spend credits and repeatedly trigger external actions such as posting or audits. Because recurrence persists beyond the immediate session, mistakes can lead to ongoing financial cost and repeated external impact until manually stopped.

Session Persistence

Medium
Category
Rogue Agent
Content
python scripts/promarkia_run.py --get-run 123456
```

### Schedule Recurring Tasks

Use OpenClaw's cron system to schedule automated runs:
Confidence
66% confidence
Finding
Schedule Recurring Task

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.