skills/openclaw/skills/pomodoro/Gen Agent Trust Hub

pomodoro

Warn

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: MEDIUM

COMMAND_EXECUTION
Full Analysis
  • [Metadata Poisoning] (MEDIUM): The _meta.json file contains deceptive metadata. The displayName is set to 'make a recipe' and the slug to 'makeovern', which are entirely unrelated to the 'pomodoro' functionality defined in the skill body. This discrepancy is a primary indicator of misleading or malicious intent.
  • [Command Execution] (SAFE): The skill utilizes standard shell commands (sleep, echo, date) and osascript (for macOS notifications) to facilitate a timer. These commands are consistent with the intended use case of a Pomodoro timer.
  • [Data Exposure & Exfiltration] (SAFE): The skill writes to and reads from ~/pomodoro.log to track focus sessions. This file access is local, limited to session data, and does not involve sensitive system paths or external network requests.
  • [Indirect Prompt Injection] (LOW): The skill reads data from a local log file (~/pomodoro.log). While this creates a surface for indirect injection if the file content were controlled by an attacker and interpreted by the agent, the current implementation only outputs the data via grep and does not process it as instructions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 22, 2026, 11:22 PM