ClawHub

ChatGPT Import

Security checks across malware telemetry and agentic risk

Overview

This skill transparently imports ChatGPT history into OpenClaw search, but it handles private conversation data and sends it to OpenAI for embeddings.

Use this only if you want old ChatGPT conversations to become searchable in OpenClaw. Review and remove secrets, personal data, regulated content, or confidential business material before embedding; use a limited OpenAI API key if possible; and protect or delete the exported files and generated SQLite database according to your privacy needs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation instructs users to run local scripts that read files, write a SQLite database, access environment variables, and send conversation contents over the network to OpenAI, yet it declares no permissions. That mismatch is a real security issue because it hides the skill's effective capabilities from any permission or review system and can lead users to expose sensitive archived conversations and API keys without explicit capability disclosure.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script transmits the full contents of local markdown files to OpenAI's embeddings API, but it does not provide a clear user-facing warning, confirmation prompt, or consent gate at the point of transmission. Because chat history often contains sensitive personal, proprietary, or credential-bearing content, silent exfiltration to a third-party service creates a real confidentiality risk even if this behavior is part of the tool's intended function.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal