File appears to expose a hardcoded API secret or token.
- Code
- suspicious.exposed_secret_literal
- Location
- docs/superpowers/plans/2026-04-01-ux-fixes.md:148
- Evidence
"API_KEY=[REDACTED]"
Security audit
Security checks across malware telemetry and agentic risk
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions, you-are-now, system-prompt-override, unicode-control-chars); human review is required before treating this skill as clean.
Install OASIS only if you want a Slack app to mediate OpenClaw tool approvals. Store Slack tokens securely, restrict the bot to trusted channels, verify who can approve requests, set conservative thresholds, and periodically review the persistent Allow Always list. ClawScan detected prompt-injection indicators (ignore-previous-instructions, you-are-now, system-prompt-override, unicode-control-chars), so this skill requires review even though the model response was benign.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.exposed_secret_literal, suspicious.prompt_injection_instructions
"API_KEY=[REDACTED]"
| `PROMPT_INJECTION` | `ignore previous instructions`, `you are now`, `system prompt:`, `<\|im_start\|>system` 등 | **0.9** | ⚠️ Ask approval ...
| `PROMPT_INJECTION` | `ignore previous instructions`, `you are now` | 0.9 | 승인 요청 |
expect(pattern!.regex.test("ignore previous instructions")).toBe(true);| `PROMPT_INJECTION` | `ignore previous instructions`, `you are now` | 0.9 | Ask approval |