Back to skill

Security audit

BOC Forex Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed scheduled forex-rate monitor that fetches Bank of China exchange rates, stores local state, and can optionally send user-configured alerts.

Before installing, review the cron schedule, run the script once manually, confirm the notification channel/target/account, and keep .openclaw-state private or out of version control because it can contain alert history and recipient identifiers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill explicitly instructs users to copy and run Python scripts that read environment variables, access local state files, invoke shell-executed cron workflows, and fetch data from an external website, yet it declares no permissions. This creates a transparency and governance gap: operators may approve or deploy the skill without understanding that it can perform network access and persistent local file writes, which increases the risk of misuse or unintended data exposure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.