Back to skill

Security audit

Self Reflection

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local self-review logger, but users should be careful because it creates persistent reflection memory and its README installs an external CLI not included in the reviewed bundle.

Install only if you want an agent to keep local self-review memory over time. Do not log secrets, private user data, tokens, or sensitive project details, and inspect the external GitHub CLI before symlinking or running it because that executable was not included in this reviewed package.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README explicitly describes automatic persistence of reflections and timer state, and the examples show storing free-form 'miss' and 'fix' content in a memory file. In an agent setting, those reflections can easily contain sensitive prompts, secrets, operational details, or user data, so undocumented persistence creates a real confidentiality risk even if the feature is intended.

Session Persistence

Medium
Category
Rogue Agent
Content
## Configuration

Create `~/.openclaw/self-reflection.json`:

```json
{
Confidence
91% confidence
Finding
Create `~/.openclaw/self-reflection.json`: ```json { "threshold_minutes": 60, "memory_file": "~/workspace/memory/self-review.md", "state_file": "~/.openclaw

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.