Security audit

blog-image-enricher

Security checks across malware telemetry and agentic risk

Overview

This appears to be an image-generation skill whose local credential use is relevant to its purpose, with no evidence of hidden exfiltration or destructive behavior.

Install if you are comfortable letting the skill use locally configured image-provider credentials. Keep API keys in environment/config storage, do not paste secrets into chat, and review any generated command before it reads or displays credential files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly instructs the agent to read credentials from ~/openclaw/.env or equivalent runtime configuration in order to perform its task, but it does not require explicit user consent or a clear user-facing warning at execution time that sensitive configuration will be accessed. Even though the stated purpose is limited to using the sanctioned image tool, normalizing direct secret-file access in a skill increases the chance of unintended credential exposure, overbroad file access, or reuse of secrets outside the minimum necessary boundary.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.