Back to skill

Security audit

OpenAI

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenAI integration that uses ClawLink to manage OpenAI resources, with broad but purpose-aligned account access.

Install this only if you trust ClawLink with access to your OpenAI account and API key. Before approving actions, check previews carefully for uploads, fine-tuning, batches, assistant changes, deletions, cancellations, and generation calls that may send data to OpenAI or incur API costs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The skill states that all write operations require explicit user confirmation, but elsewhere marks some state-changing operations as read/safe or places them in workflows that may encourage execution without confirmation. In an agent setting, inconsistent safety semantics can cause unauthorized creation, modification, cancellation, or deletion of OpenAI resources, especially because this skill can access files, assistants, vector stores, batches, fine-tuning jobs, and containers.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.