自媒体内容创作大师 (Self-Media Content Creation Master)

Security checks across malware telemetry and agentic risk

Overview

This skill coherently sets up local content-creation agents and stores their working files locally; the main caution is expected cross-session memory, not evidence of theft or destructive behavior.

Before installing, expect local files under ~/.openclaw/workspace-content-creation and three registered OpenClaw agents. Do not put passwords, API keys, unpublished confidential plans, or private customer data into the setup answers or memory files unless you are comfortable with those details being retained locally for future agent sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Low
Confidence: 80%
Finding
The agent is instructed to read persistent memory files at startup, introducing cross-session state handling that is not disclosed in the manifest. Hidden persistent context can expose prior user data, influence future decisions without user awareness, and create privacy and integrity risks if memory contains sensitive or stale information.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly creates directories, copies template files, and writes user-provided brand information into local USER.md files, but it does not clearly warn the user that local filesystem changes and persistent data storage will occur. This creates a privacy and consent issue because sensitive business or audience information may be stored on disk without the user's explicit awareness.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill collects detailed brand, audience, style, and planning information across multiple prompts, then later persists it to disk, but the collection steps do not disclose that this information will be stored locally. Users may provide commercially sensitive or personal data under the assumption it is only used transiently in-session, making the omission materially risky.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs the agent to persist review decisions and team-pattern data to memory files without any user-facing warning or consent mechanism. This creates a privacy and transparency problem because conversation-derived data may be retained across sessions and later reused in ways the user did not expect.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly instructs the agent to persist conversation outputs, review results, and inferred patterns into workspace memory files without any notice, consent flow, retention limit, or data minimization rule. This creates a real privacy and data-governance risk because user-provided content, business plans, or sensitive editorial context may be stored long-term and reused across sessions unexpectedly.

Ssd 3

Medium
Confidence: 95%
Finding
Persisting conversation-derived information and inferred team behavior patterns across sessions creates a durable profile that may contain sensitive operational or personal data. Because this memory influences future outputs, it can propagate errors, leak prior context into unrelated tasks, and undermine user expectations of session isolation.

VirusTotal

64/64 vendors flagged this skill as clean.
