Summarize Pro

Security checks across malware telemetry and agentic risk

Overview

This is a local summarization skill whose read/write access and history features match its stated purpose.

Install if you are comfortable with local history, stats, templates, and saved summaries being stored under ~/.openclaw/summarize-pro. Avoid using it for highly sensitive documents unless that local retention is acceptable, and delete that directory if you want to remove retained summary data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The activation rules are broad enough to trigger on common conversational phrases like "summary," "compare," or "meeting notes," which can cause the skill to activate unexpectedly on unrelated user content. In this skill, unexpected activation is more concerning because activation leads to automatic history/stat updates and potential local persistence of data derived from user-provided text, without a clear just-in-time consent step.

Missing User Warnings

Medium
Confidence: 95%
Finding
The command/help surface describes summarization features but does not prominently warn users that every summary is automatically logged to local history and used to update stats. Because users may paste sensitive emails, meetings, reports, or personal documents, silent persistence can retain sensitive derived content and metadata beyond the immediate session, creating privacy and data-retention risk.

VirusTotal

66/66 vendors flagged this skill as clean.
