ClawHub

Reminder

Security checks across malware telemetry and agentic risk

Overview

This skill behaves like a disclosed reminder assistant: it stores reminder details locally and schedules Telegram notifications, with no evidence of hidden or unrelated behavior.

Install only if you are comfortable saving reminder details to ~/.openclaw/workspace/reminders/events.yml and receiving Telegram cron reminders. Set REMINDER_TZ if you are not using Asia/Shanghai time, review resolved dates and times after scheduling, and keep any synced workspace private if reminders may contain personal information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The summary/description is broad enough that the skill may activate on ordinary conversation about plans, meetings, or schedules without a clear, narrow trigger. In this skill’s context, unexpected activation can lead to unintended persistence of personal data into the workspace and scheduling of outbound Telegram reminders, which creates privacy and integrity risk even without malicious code.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explains that data is stored in a workspace and synced via Git, but it does not present this as an explicit user-facing warning at the point of capture. Because reminder content can include sensitive personal information such as birthdays, meetings, and deadlines, silently writing it to a git-synced workspace can expose private data more broadly than the user expects.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that it schedules Telegram reminders, but it does not clearly warn users that reminder content and timing will be transmitted through Telegram. Since Telegram is an external messaging channel, sending reminder details there may disclose sensitive schedule information to third-party infrastructure or unintended recipients if chat routing is misconfigured.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
Defaulting all parsing and scheduling to Asia/Shanghai without clear user confirmation can cause reminders to be created for the wrong absolute time when the user is in another timezone. In a reminder skill, this directly affects reliability and can lead to missed meetings, premature disclosures, or messages being sent at inappropriate times.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal