AI内容变现助手

Security checks across malware telemetry and agentic risk

Overview

This skill is a content monetization planning helper with purpose-aligned local report generation, but users should notice it runs a Python script and saves reports locally.

Install only if you are comfortable running a local Python helper. Avoid putting confidential business plans, pricing assumptions, or private creator data into it unless you are comfortable with generated reports being saved under your local OpenClaw workspace, and be aware that reports include the publisher's contact details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The static finding indicates the skill can write files despite declaring no permissions. For an analysis-only monetization assistant, undeclared file output creates hidden side effects, can store user/business data locally without consent, and weakens sandbox and audit expectations. The mismatch between declared and effective capabilities is itself a security issue because users and platforms cannot accurately assess what the skill will do.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 96% confidence
Finding: This is a true vulnerability because the skill's declared purpose is advisory, but it also saves reports to a local filesystem path and injects fixed contact details not disclosed in the description. Hidden persistence can expose sensitive commercial plans, pricing, or revenue forecasts, while embedded contact channels can be used for off-platform solicitation, tracking, or social engineering. In this context, the undisclosed behavior is more dangerous because users would reasonably expect a passive analysis tool, not one that stores data and pushes follow-up contact information.

Context-Inappropriate Capability

Low

Confidence: 95% confidence
Finding: The generated report embeds hard-coded personal contact and solicitation details unrelated to the core monetization analysis. In an agent skill context, this can inappropriately direct users off-platform, leak maintainer-identifying information, and create a trust-boundary violation because every report automatically includes the promotion without user consent.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The documented trigger phrase is broad and overlaps with common user requests about making money from content, which can cause the skill to activate unintentionally in conversations where the user did not explicitly request this specific tool. Unintended invocation can lead to inappropriate tool routing, disclosure of monetization-oriented advice in the wrong context, and reduced user control over agent behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal