Weekly Update

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed weekly-summary helper that reads recent OpenClaw session history, with privacy considerations but no hidden install code, persistence, mutation, or exfiltration behavior found.

Install this only if you are comfortable letting the agent read recent OpenClaw session transcripts to summarize your work. Session history may include sensitive project or personal information, so use manual notes instead when you want tighter control over what is included.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to automatically access and process session logs before considering whether the user supplied manual notes, and it does so without any explicit user-facing consent or notice at execution time. Because session transcripts can contain sensitive or unrelated prior conversation content, this creates a privacy risk through over-collection and secondary use of data beyond the user's immediate request.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger phrase "Generate my weekly update" is broad enough to overlap with ordinary user requests, which can cause the skill to auto-run in contexts where the user did not clearly intend the skill's side effects. In this skill, that matters because the expected behavior includes automatically reading session logs, so an ambiguous invocation can expose or process personal activity data unexpectedly.

Vague Triggers

Low

Confidence: 79% confidence
Finding: The lowercase trigger variant remains semantically broad, so routine phrasing could unintentionally activate the skill. Although casing itself is not the issue, preserving an underspecified trigger increases the chance of accidental invocation and unnecessary access to weekly session history.

Ssd 3

Medium

Confidence: 97% confidence
Finding: The skill directs the agent to fetch full conversation transcripts from all sessions in the past week and scan them for project activity, which can expose private user content that was never intended for inclusion in a weekly summary. Even with includeTools disabled, the transcript itself may still contain sensitive discussions, credentials, personal data, or unrelated work context, so summarizing it broadens data exposure unnecessarily.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal