Back to skill

Security audit

openclaw-feeds

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward RSS headline skill that runs a local Python script to fetch disclosed public feeds, with no evidence of hidden access, persistence, credential use, or destructive behavior.

Before installing, be comfortable with the skill running Python locally, installing feedparser, and contacting the listed public RSS sources. Review scripts/lists.py if you want to control which outlets are queried, and treat feed titles and summaries as untrusted external content rather than instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill explicitly requires network access to fetch RSS feeds, but the finding indicates that this capability is not formally declared as a permission. Undeclared network access weakens policy enforcement and user/operator transparency, making it easier for a skill to access external resources without clear authorization boundaries.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The invocation phrases are broad and include common terms like 'what's happening,' 'briefing,' and 'tech news,' which can cause the skill to activate when the user did not specifically intend to use it. Because the skill performs network fetching and imposes constraints on tool usage, accidental activation could lead to unnecessary external requests and interfere with normal assistant behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.