Security audit

Agentic Commerce News

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed news-briefing skill with optional scheduling support, not a skill that secretly accesses data or credentials or performs purchases.

Install if you want an agentic-commerce news briefing. Review any recurring digest request before approving it, especially one that uses OpenClaw cron or the system crontab, because those can create persistent background jobs. The artifact does not require API keys and contains no executable scripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium (91% confidence)
Finding
The skill goes beyond generating a news briefing and instructs the agent to probe the local environment (`which openclaw`) and potentially configure persistent scheduling via `openclaw` or system `crontab`. That expands scope from content retrieval into local system interaction and persistence, which can create unintended side effects or unauthorized task creation if the skill is auto-invoked or the user did not explicitly consent to system-level scheduling.

Vague Triggers

Medium (88% confidence)
Finding
The README defines broad trigger examples such as ordinary requests for industry news and scheduled digests, which can cause the skill to activate in response to general conversation rather than an explicit invocation. In an agent environment, over-broad auto-triggering can lead to unintended web searches, scheduled task creation, or the skill taking over unrelated requests, creating a prompt-routing and unintended-action risk even though the content is not overtly malicious.

Vague Triggers

Medium (85% confidence)
Finding
The trigger text includes broad natural-language phrases like 'what's new in agentic commerce this week' and 'set up a daily digest of agentic commerce updates' even when the skill is not explicitly named. Overbroad triggers increase the chance of accidental invocation, which is more concerning here because the skill can branch into scheduling behavior and create recurring jobs rather than only returning a passive briefing.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.