mdrgnb-daily-push
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is configured to transmit data to external platforms (Feishu and QQBot). While this is the intended functionality, it establishes a network pathway for data exfiltration.
- [DATA_EXFILTRATION]: Absolute system file paths are hardcoded (/home/chenyechao/.openclaw/workspace/mdrgnb_proj), which exposes the local user's directory structure and environment details.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted external data from PubMed (Step 4 in SKILL.md).
  - Ingestion points: External scientific literature (abstracts and full text) retrieved from PubMed.
  - Boundary markers: None provided; the instructions do not include delimiters or warnings to ignore embedded instructions within the papers.
  - Capability inventory: The skill has the ability to write to the local file system (summary.md, scores.md, evaluated_papers.json) and perform network operations (pushing to Feishu and QQBot).
  - Sanitization: There is no evidence of sanitization or validation of the content retrieved from external sources before it is processed by the LLM.
Audit Metadata