Back to skill

Security audit

Imessage Sender

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says, but it can automatically send local images through Messages and leaves copied images on disk without strong confirmation or cleanup controls.

Install only if you intentionally want an agent to send images through your Mac Messages account. Confirm the recipient and image path before each send, avoid unusual characters in filenames or phone numbers until AppleScript escaping is fixed, and periodically clear ~/Pictures/openclaw-send/ if the images may be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger condition is overly broad because it says to automatically send an image whenever the user requests to send one, without requiring confirmation, recipient validation, or an explicit image selection step. In an agent setting, this can cause unintended data exfiltration or accidental sending of sensitive images based on ambiguous natural-language requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill copies images into persistent local storage under ~/Pictures/openclaw-send/ before sending, but this persistence behavior is not prominently disclosed as a warning in the skill description. Users may assume the action is transient, while in reality sensitive images remain stored on disk and could later be exposed to other local processes, backups, or shared device access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.