Second Me

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill coherently builds a local digital-twin profile, but users should understand it can save sensitive personal and workplace details on disk.

Install only if you are comfortable with a persistent local profile about your identity, work, values, habits, and conversation history. Avoid sharing secrets or confidential company information, review the generated SOUL.md and session files, and delete ~/.openclaw/data/second-me/ if you no longer want the stored profile.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explicitly stores a durable identity document, progress file, and conversation logs containing highly sensitive personal, workplace, and behavioral data, but it provides no user-facing notice about retention, access, deletion, or privacy risks. Even if intended as a personalization feature, centralizing this level of profile data creates substantial harm potential if the host, filesystem, or other skills gain access.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description and opening instructions frame the interaction as a natural conversation but do not clearly warn that the agent will solicit and persist sensitive personal and workplace information. This can undermine meaningful consent because users may disclose identity, employment, relationship, and values data without understanding the scope of collection and profiling.

Ssd 3

Medium
Confidence: 98%
Finding
The instructions direct the agent to persist identity documents, progress state, and session logs across sessions, creating a long-lived dossier of sensitive personal data. Persistent storage materially increases exposure from local compromise, unintended reuse by future sessions, access by other components, and secondary misuse beyond the original conversational purpose.

Ssd 3

Medium
Confidence: 96%
Finding
The skill is designed to extract broad personal, psychological, workplace, and behavioral information from casual dialogue and convert it into a durable identity profile. This is dangerous because the conversational framing can elicit more disclosure than a structured form, while the resulting profile is rich enough for impersonation, social engineering, surveillance, or reputational harm if exposed.

VirusTotal

65/65 vendors flagged this skill as clean.
