Security audit

GOG Stale Games Cleanup

Security checks across malware telemetry and agentic risk

Overview

The skill largely matches its stated cleanup purpose, but it quietly reads local email configuration files, including a hard-coded OpenClaw workspace path, before sending mail and creating reminders.

Review scripts/sweep.sh before installing. Run it with --dry-run first, confirm the selected himalaya account, recipient address, and Reminders list, and avoid enabling the cron example unless you want recurring automated reports. Be aware the emailed report can include local game install paths.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The script reads email account data from unrelated local configuration locations, including a hard-coded workspace path under /root/.openclaw/workspace, which is broader filesystem access than the stated game-cleanup workflow requires. Even though it only extracts an email address, this creates unnecessary access to local configuration data and can expose sensitive environment details or enable unintended data use if those files contain more than expected.

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: The email send path again reads a hard-coded workspace config file to populate the From address, introducing unnecessary access to local configuration outside the workflow's stated purpose. This is dangerous because it couples message generation to an external file in a privileged-looking path and may leak or misuse account metadata from the host environment.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases are broad enough to match ordinary user language such as 'clean up my GOG library' or 'games I haven't played', which can cause the skill to activate in situations the user did not clearly intend. Because this skill sends email and creates reminders, an accidental invocation can produce unwanted side effects and disclosure of personal gaming activity.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The script silently reads local config files to derive email addresses without warning the user, which is a transparency and privacy issue. In the context of a cleanup skill, accessing hidden account configuration is not obvious from the user-facing description, so users may unknowingly permit collection or use of local identity information.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.