Console Agent
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The skill bundle is designed to integrate AI agent capabilities into user code, including features like `google_search`, `code_execution` (Gemini-hosted Python sandbox), and `url_context`. The primary reason for classifying this as 'suspicious' is the `includeCallerSource` feature, which, by default, automatically reads the source code of the calling file and sends it to the remote AI service. The documentation in `SKILL.md` and `AGENTS.md` states that sensitive data is auto-anonymized and provides an option to disable this feature (`includeCallerSource: false`). Sending arbitrary user code to a third-party service is nonetheless a significant data exposure risk, with potential for unintentional leakage of intellectual property or secrets, even without explicit malicious intent from the skill's author. No direct prompt injection attempts against the OpenClaw agent or other clear malicious behaviors (e.g., local RCE, persistence, credential theft) were found.
