Back to skill

Security audit

yoooclaw-daily-morning-brief-en

Security checks across malware telemetry and agentic risk

Overview

This skill coherently creates a morning brief from recent notifications, with sensitive read access disclosed and no evidence of hidden persistence, mutation, or exfiltration.

Install this only if you want the agent to read recent connected notifications to prepare a daily brief. Use explicit time ranges and be aware that broad morning-report requests may cause it to search notification history from yesterday to now.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to invoke a shell command (`openclaw ntf search`) to retrieve data, which expands the skill from passive summarization into tool-driven system access. Even though the command appears fixed and task-relevant, shell execution increases attack surface because a summarization request can now trigger external command execution and access potentially sensitive notification data.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are very broad and overlap with normal conversational requests such as asking for a summary of important information or a morning report. This can cause the skill to activate in situations where the user did not clearly intend notification retrieval, which is more dangerous here because the skill then proceeds to query potentially sensitive personal and work notifications.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.