Bioinfo Daily

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed PubMed daily-report skill with normal setup risks around API keys, optional web search, and scheduled execution.

Install if you are comfortable with PubMed/API-key based literature searches and optional scheduled runs. Prefer OpenClaw config or environment variables over a .env file; if you use .env, keep it limited to NCBI_EMAIL and NCBI_API_KEY and writable only by trusted users. Avoid confidential topics with the optional web_search helper.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 83% confidence
Finding: The script delegates searching to an external CLI (openclaw) and passes user-controlled topic text into that tool without any validation or output trust controls. Even though the subprocess call itself is not shell-injectable, this broadens the attack surface to whatever parsing, plugin behavior, or prompt-handling the external tool performs, making this more dangerous in an agent skill that may run automatically on schedules.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The script unconditionally sources a local .env file, which executes arbitrary shell content rather than merely parsing key-value pairs. If an attacker can modify that file in the skill directory or influence its contents, they can achieve code execution in the context of whoever runs the script, making this significantly more dangerous than simple credential loading.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal