AI Copywriting Generator

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AI copywriting helper that sends user-entered marketing text to an AI API, with privacy cautions but no hidden or destructive behavior found.

Before installing, verify the `openclaw` Python package you will install, use a limited and revocable API key where possible, and avoid entering confidential product plans, customer data, unreleased campaigns, secrets, or regulated information unless OpenClaw's data-handling terms are acceptable for your use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill sends user-supplied product, features, and target-audience data to a remote API without any disclosure, consent flow, or data-minimization controls. This can expose confidential marketing plans, internal product details, or sensitive audience information to a third-party service unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal