Skills
skills/sundial-org/awesome-openclaw-skills/daily-recap/Gen Agent Trust Hub

daily-recap

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes agent memory files and task summaries which may contain untrusted data from previous interactions.
  • Ingestion points: Memory files (memory/YYYY-MM-DD.md) and cron run summaries are read to identify accomplishments.
  • Boundary markers: None. The skill does not use delimiters to isolate the summarized content from the instructions.
  • Capability inventory: The skill has the ability to read local files and invoke the nano-banana-pro image generation tool.
  • Sanitization: Absent. The agent is instructed to select wins for the posterboard without any validation or escaping of the content.
  • [DATA_EXFILTRATION]: The skill aggregates information from the agent's internal history and transmits a visual summary to an external destination defined by the RECAP_CHAT_ID environment variable.
  • [COMMAND_EXECUTION]: Documentation provides a setup command for the user to manually create a persistent cron job using clawdbot cron add.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 12:25 AM