Back to skill

Security audit

Sites Friendify Integration

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it needs review because it can direct an agent to create public Docker/Traefik-backed sites and send a Telegram owner identifier with limited confirmation or scoping.

Install only if you intend an agent to deploy and manage sites.friendify.cloud infrastructure. Use a limited OpenClaw gateway token and require the agent to show the Docker Compose/Traefik plan, target URL, owner mapping, API payload, and rollback or delete steps before creating or changing any site.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs an agent to perform external side effects—deploy infrastructure and call a remote API—without requiring explicit user confirmation or warning the user about network access, service creation, and data transmission. In an agent context, this can lead to unexpected system changes, accidental exposure of identifiers such as a Telegram chat ID, and unauthorized deployment actions if the agent acts too eagerly on a natural-language trigger.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.