Back to skill

Security audit

Video Messages from your openclaw

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it advertises: create avatar videos and send them, with some operational risks users should understand.

Install only if you want your agent to generate and send avatar video messages through the configured messaging tool. Prefer explicit user confirmation before sending, and consider changing cleanup to delete only the exact video file created for the current run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill description includes broad triggers like 'video message', 'video reply', and delivering TTS as video, which can overlap with ordinary user requests and cause the agent to invoke this skill unexpectedly. Because the skill can generate media and send it outbound, overbroad invocation increases the chance of unintended execution and data transmission without sufficiently explicit user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow and example instruct the agent to send the generated video via the message tool and return NO_REPLY, but they do not require any warning, confirmation, or explicit consent before outbound transmission. This is risky because it can cause silent exfiltration of generated or user-derived content to an external messaging channel.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
## Notes

- Config is read from TOOLS.md
- Clean up temp files after sending: `rm /tmp/video*.mp4`
- For regular video (not circular), omit `asVideoNote=true`
Confidence
93% confidence
Finding
rm /tmp/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.