Workday Music Greeting

Advisory

Audited by Static analysis on May 12, 2026.

Overview

Detected: suspicious.dangerous_exec

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If MUSIC_CMD is set to an unsafe command, running the skill could execute that command locally.

Why it was flagged

The skill runs a local shell command to switch music scenes. This is purpose-aligned, but the command comes from an environment variable and is executed through the shell.

Skill content
const cmd = process.env.MUSIC_CMD || 'home-music'; ... execSync(`${cmd} ${slot}`, { stdio: 'inherit', timeout: 15000 });

Recommendation

Use only a trusted MUSIC_CMD value, preferably the intended home-music command. A safer implementation would use spawn/execFile with fixed arguments and explicit slot validation.

What this means

The skill can send emails using the configured SMTP account.

Why it was flagged

The skill uses SMTP credentials to send email from the configured account to GREETING_TO, which is expected for its greeting-email purpose.

Skill content
auth: { user: process.env.SMTP_USER, pass: process.env.SMTP_PASS } ... await transporter.sendMail({ from: process.env.GREETING_FROM || process.env.SMTP_USER, to, subject, html });

Recommendation

Use an app-specific password or limited-purpose email account, set GREETING_TO carefully, and do not configure SMTP credentials unless you want the skill to send these messages.

Note
High Confidence
ASI10: Rogue Agents
What this means

If scheduled, it may repeatedly switch music scenes and send greeting emails at the configured times.

Why it was flagged

The documentation suggests user-configured cron scheduling, which can make the skill run repeatedly without manual invocation.

Skill content
Set up as an OpenClaw cron job for fully automatic daily operation

Recommendation

Only create the cron jobs you actually want, verify the timezone and recipient, and remove the schedule if you no longer want automatic behavior.

Findings (1)

critical

suspicious.dangerous_exec

Location
scripts/workday-greeting.js:40
Finding
Shell command execution detected (child_process).