Security audit

Todolist Md Clawdbot

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Google Drive Markdown todo files, but it asks for durable, broad Drive access and can update Drive files, so users should review it carefully before installing.

Install only if you are comfortable granting a script persistent Google Drive access. Prefer a dedicated Google account or OAuth client, verify the target folderId/fileIds, run with dry-run/prepare mode first, keep Drive revision history or backups, and delete the saved refresh token when you no longer need the skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The script persists a long-lived Google Drive OAuth refresh token to disk, which creates a durable local secret that can be stolen by any process or user with filesystem access. Although the code attempts to set mode 0600, it gives no user-facing disclosure at the point of storage and uses a default path under /root, increasing risk in shared/containerized environments where secrets may be copied into images, backups, or logs.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal