Missing User Warnings
Medium
- Confidence
- 90% confidence
- Finding
- The skill explicitly instructs the agent to read credentials from ~/openclaw/.env or equivalent runtime configuration in order to perform its task, but it does not require explicit user consent or a clear user-facing warning at execution time that sensitive configuration will be accessed. Even though the stated purpose is limited to using the sanctioned image tool, normalizing direct secret-file access in a skill increases the chance of unintended credential exposure, overbroad file access, or reuse of secrets outside the minimum necessary boundary.
