ClawHub
Back to skill

Security audit

Secure P2p Messenger Real

Security checks across malware telemetry and agentic risk

Overview

This looks like a local encryption prototype, but it overstates secure-messenger features and persists sensitive keys in a way users should review before trusting it.

Install only if you understand this as a simple local encryption tool, not a fully reviewed secure messenger. Do not rely on its claims of file transfer, verified identity, metadata protection, or strong authenticated encryption for sensitive communications. Protect or passphrase-encrypt the private key under ~/.openclaw/secure-p2p/keyring, and avoid using untrusted contact IDs or message packages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares and installs shell-based functionality (`install.sh`, bash, openssl, jq, base64) but does not declare corresponding permissions or clearly scope what shell execution is required. This creates a trust and review gap: users or platforms may treat the skill as lower risk than it is, while installation can execute arbitrary local commands with the user's privileges.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script generates and persists a private key and identity metadata under the user's home directory without setting restrictive permissions, warning the user, or using a protected keystore. On multi-user systems or in permissive umask environments, this can expose long-lived private key material and undermine the confidentiality of all messages for that identity.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.