Security audit

收支管理

Security checks across malware telemetry and agentic risk

Overview

This skill is a local finance tracker that stores personal and shop records in disclosed JSON files, with no evidence of network transfer, credential use, deception, or destructive behavior.

Install this only if you are comfortable keeping detailed spending, budget, inventory, purchase, and sales history in local OpenClaw private-data files. Review the heartbeat reminder behavior if you do not want proactive budget prompts.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill describes persistent reads and writes under a private workspace path and invokes a Python script to modify multiple JSON files, but it does not declare any permissions for those file operations. This creates a trust and review gap: the runtime may still perform sensitive filesystem access while users and policy controls are not explicitly informed of the capability.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.