Back to skill

Security audit

OpenClaw News Publisher

Security checks across malware telemetry and agentic risk

Overview

The skill’s publishing purpose is clear, but it asks users to install unreviewed external code, provide platform credentials, and run commands that can publish content publicly without enough safety guidance.

Review the external GitHub repository and dependencies before installing, preferably pinning to a known commit. Use preview and --dry-run first, specify target platforms explicitly, use test or least-privilege credentials, keep .env out of version control, and require human confirmation before any live publish command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README instructs users to run a `publish` command for multiple external platforms and to configure platform credentials, but it does not clearly warn that doing so will transmit article content to third-party services and may write or update local output such as feed files and publication records. In an agent/skill context, unclear disclosure of external network actions and file modifications can lead to unintended data sharing or side effects by users who assume a preview-like or local-only workflow.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill instructs users to place platform credentials in a .env file and describes multi-platform publishing to external services, but it does not warn about protecting secrets, avoiding accidental commits, or the privacy implications of sending article content to third-party platforms. In an agent/automation context, missing safety guidance increases the chance of credential leakage and unintended external data disclosure.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documented publish commands appear operational and can post to third-party accounts or modify a public RSS feed, yet there is no prominent warning that these are real side-effecting actions. Users may run examples assuming they are harmless tests, leading to accidental publication, reputational damage, or unauthorized use of connected accounts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.