Skills
skills/openclaw/skills/clawdtm-advisor/Gen Agent Trust Hub

clawdtm-advisor

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill downloads content from clawdtm.com, an unverified third-party domain not included in the trusted sources list.
  • COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to use curl to fetch data and then write files to the local workspace (./skills/{slug}/).
  • REMOTE_CODE_EXECUTION (MEDIUM): The purpose of the skill is to install executable content (other agent skills) onto the local machine. Once installed and the session is restarted, this code is executed.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because it processes untrusted skill descriptions and metadata from a remote API without sanitization or boundary markers.
  • Ingestion points: API responses from clawdtm.com/api/v1/skills/search and .../install (processed in SKILL.md).
  • Boundary markers: Absent; the agent is instructed to present raw results to the user.
  • Capability inventory: File-writing to workspace, network requests via curl.
  • Sanitization: None detected; the agent processes and displays raw strings from the API.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 19, 2026, 01:36 PM