OctoClaw
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The `scripts/octoprint.py` skill bundle is classified as suspicious due to several high-risk capabilities that, while presented as legitimate functionality, create significant attack surfaces for an AI agent. Specifically, the `upload <local-path>` command allows reading arbitrary local files and uploading them to the configured OctoPrint instance. The `snapshot [output-path]` command allows writing webcam images to arbitrary local paths. Furthermore, the `telegram-msg` and underlying `send_telegram_photo` functions could be misused to exfiltrate arbitrary data or files to a configured Telegram chat. These capabilities, if exploited via prompt injection against the AI agent, could lead to unauthorized data exfiltration or arbitrary file manipulation, despite no explicit malicious intent being found in the code or `SKILL.md`.
