chart-image

Warn

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The CAPABILITY.md file includes instructions for the agent to execute shell commands using a pattern vulnerable to injection.
    • The 'lineChart' and 'barChart' fulfillment steps recommend using echo '${JSON.stringify(data)}' > /tmp/chart-data.json.
    • Since JSON.stringify does not escape single quotes, a data payload containing a single quote can terminate the shell's single-quoted string and allow for the execution of arbitrary commands on the host system.
  • [DATA_EXFILTRATION]: The skill utilizes the Vega and Vega-Lite libraries, which have built-in support for loading data from remote URLs.
    • The vega-loader component can be triggered to make network requests if a chart specification (provided via data or spec file) contains a 'url' field. This creates a risk for Server-Side Request Forgery (SSRF) and unintended data exfiltration.
  • [EXTERNAL_DOWNLOADS]: The skill's scripts depend on the 'sharp' library, a common image processing tool.
    • During the npm install process, 'sharp' may download prebuilt, platform-specific binaries from its official release channels to facilitate operation without native compilation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 05:30 PM