Yandex 360 CLI (Disk, Calendar, Mail)

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches a Yandex Disk and Calendar CLI, but it asks users to grant mail-sending access even though mail functionality is only a stub.

Review before installing. Create a dedicated Yandex OAuth app and grant only scopes you need; omit mail:smtp unless you intentionally want mail-sending authority attached to the saved token. Protect ~/.openclaw/yax.env and ~/.openclaw/yax-token.json, and use upload/download paths carefully because the CLI can overwrite files you name.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill instructs users to store OAuth client credentials, including a client secret, in a local plaintext env file without any warning about sensitivity, file permissions, or secret handling. This increases the chance of credential leakage through weak filesystem permissions, backups, shell tooling, or accidental sharing of the config file.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal