Dooray Hook

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated purpose of sending user-requested messages to configured Dooray chat webhooks, with some normal webhook-security cautions.

Install this only if you want OpenClaw to post messages into the Dooray rooms you configure. Keep webhook URLs private, leave verify_ssl set to true unless you fully trust the network and proxy setup, and avoid sending passwords, secrets, regulated data, or private incident details through chat webhooks unless that is approved for your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding
The skill documents and enables both local config access and outbound network use, but it declares no permissions. That mismatch can prevent users or the host agent from understanding that the skill will read webhook secrets from local configuration and send data externally, which increases the risk of unintended secret use or exfiltration via chat notifications. In this context, the capability is expected for a webhook skill, but the lack of explicit declaration still weakens transparency and policy enforcement.

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The script permits TLS certificate verification to be disabled via the `verify_ssl` config flag and then uses `ssl._create_unverified_context()` for webhook delivery. This enables man-in-the-middle interception or modification of webhook traffic, including exposure of the Dooray webhook URL and message contents, which is a real transport-security weakness even if presented as an opt-in compatibility feature.

Vague Triggers

Low
Confidence: 78%
Finding
The natural-language examples are broad enough that an agent may invoke the skill on loosely phrased requests to 'tell' or 'send' messages, without strong user confirmation or clear routing boundaries. For a messaging skill with external network effects, ambiguous triggers can cause accidental disclosure of sensitive information to chat rooms or unintended message delivery. The context makes this somewhat more sensitive because the skill posts to external webhook endpoints.

VirusTotal

65/65 vendors flagged this skill as clean.
