Back to skill

Security audit

Paprika Recipe Importer

Security checks across malware telemetry and agentic risk

Overview

This skill does its stated job locally, but its instructions use raw recipe-derived filenames in shell commands and shared temporary paths, which users should review before installing.

Install only if you are comfortable with a skill that creates local recipe files and runs a local Python packaging script. Use sanitized, fixed temporary filenames or a private temp directory rather than raw recipe titles, and remove intermediate JSON files after creating the `.paprikarecipes` archive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger conditions are broad enough that the skill may activate whenever a user shares recipe-like content or implies export to Paprika, even if they did not clearly request file creation. Over-broad activation can cause unintended processing of user-provided content and unintended file generation, which is a security and privacy concern in agentic systems.

Session Persistence

Medium
Category
Rogue Agent
Content
## Step 2 — Build JSON

Write the recipe as a JSON file to a temp path, e.g. `/tmp/<recipe-name>.json`.

## Step 3 — Run the Script
Confidence
91% confidence
Finding
Write the recipe as a JSON file to a temp path, e.g. `/tmp/<recipe-name>.json`. ## Step 3 — Run the Script ```bash python3 ~/.openclaw

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.