Back to skill

Security audit

Mens Mental Health

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only mental health support skill with no executable behavior, hidden actions, credential use, or network access, though users should treat mental-health entries as sensitive.

Safe to install from an agentic-security perspective. Use it as a self-reflection aid, not a replacement for professional care, and review your OpenClaw chat history, memory, sync, and deletion settings before recording sensitive mental-health details or long-term patterns.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrase set is broad enough to match common conversational requests like 'need to talk' or generic statements about stress, which can cause the skill to activate in situations the user did not specifically intend. In a mental health context, unintended invocation is more sensitive because it may intercept vulnerable users, crowd out more appropriate help flows, or create confusion during crisis-adjacent conversations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.