Trash Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed trash-management workflow, but it gives agents broad deletion-routing authority and recommends automatic permanent cleanup without clear user confirmation requirements.

Install only if you are comfortable with agents routing deletions through a shared trash area and, if you configure the cron example, permanently deleting trashed files after 7 days. Before using it broadly, require your agent to ask before trashing important or user-owned files and verify what ~/.openclaw/scripts/trash-manager.sh actually does.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill instructs agents to route deletions into a shared trash system with irreversible auto-clean after 7 days, but it does not require an explicit warning or confirmation to the user at the time a file is trashed. In an agentic context, this creates a real risk of users believing deletion is easily reversible when it will later become permanent, especially for destructive actions initiated on the agent's own judgment.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal