Back to skill

Security audit

yoooclaw-expense-tracker-en

Security checks across malware telemetry and agentic risk

Overview

This expense tracker has a coherent purpose, but it can read broad phone notification files containing sensitive financial and personal data with broad activation triggers and no explicit confirmation step.

Install only if you are comfortable with the skill reading local phone notification files for the requested dates, including bank, payment, merchant, transfer, contact, and other app notification contents. Use explicit prompts with narrow date ranges and categories, and review whether OpenClaw gives you a confirmation opportunity before notification files are accessed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger list is extremely broad and overlaps with common finance-related phrasing like 'this week', 'this month', 'spent', and 'money', which raises the chance the skill activates for queries the user did not specifically intend for this skill. Because the skill then accesses highly sensitive phone notification data, unintended invocation can expose private financial history and enable over-collection beyond user expectations.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill is designed to parse mobile notifications containing bank messages, payment records, transfers, and other personal financial events, but it does not clearly warn the user that sensitive notification contents will be accessed and analyzed. In this context, missing disclosure is dangerous because users may unknowingly authorize analysis of comprehensive financial and interpersonal data, creating significant privacy and consent risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.