Skills
skills/sundial-org/awesome-openclaw-skills/clawdbot-cost-tracker/Gen Agent Trust Hub

clawdbot-cost-tracker

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [Data Exposure] (MEDIUM): Path Traversal in scripts/calculate-cost.js. The script uses the second command-line argument (process.argv[2]) to construct a file path via path.join. An attacker could pass a relative path (e.g., ../../target) to read unintended files ending in .json.
  • [Indirect Prompt Injection] (MEDIUM): The skill handles untrusted data from session metadata. Ingestion points: stdin in snapshot-usage.js and argv in both scripts. Boundary markers: None. Capability inventory: File system read/write via fs module. Sanitization: None; inputs are used directly in file paths and content.
  • [Command Execution] (LOW): Core functionality is implemented through local Node.js scripts. While these are part of the skill, they provide the agent with broad file system access without sufficient input validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 12:46 PM