Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture.

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: report-generator
Version: 1.0.2

The skill is suspicious due to a critical Cross-Site Scripting (XSS) vulnerability in `scripts/generate.py`. The script directly embeds user-provided data into an HTML template without any HTML escaping, allowing arbitrary JavaScript injection into the generated report. The `SKILL.md` then explicitly instructs the OpenClaw agent to open this locally generated HTML file using its `browser` tool (`file://<html_path>`). This creates a self-XSS vulnerability where the agent could execute malicious JavaScript from the report, potentially leading to local file access, network requests, or further agent manipulation if the browser tool is not adequately sandboxed.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may create a local HTML file when asked to generate a report.

Why it was flagged

The skill instructs the agent to run a local script and write output files. This is directly aligned with generating a report, but users should know it performs local file creation.

Skill content
Execute the Python script with the JSON data:

python3 scripts/generate.py --output "workspace/reports" --data '{"title": "...", ...}'
Recommendation

Use a scoped output directory and only invoke the skill for report-generation tasks you requested.

What this means

If untrusted content containing HTML or JavaScript is used as report input, it may render or execute inside the generated local HTML page during screenshot capture.

Why it was flagged

Visible code inserts report fields directly into HTML without showing HTML escaping or sanitization. Since SKILL.md then instructs opening the generated file in a browser, HTML or script-like input could be rendered by the browser.

Skill content
return "\n".join([f"<li>{item}</li>" for item in items])
Recommendation

Treat report input as trusted text, or update the generator to HTML-escape all user-supplied fields before writing the report.