The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Fetches threat intelligence and security advisories from the vendor's official domain (matrix.tencent.com). This communication is limited to non-sensitive metadata such as extension names and version strings.
[COMMAND_EXECUTION]: Executes the local openclaw binary to perform deep configuration audits and list installed extensions. This is a primary function of the skill and uses the established CLI of the host environment.
[DATA_EXFILTRATION]: Transmits system and extension metadata to the vendor's infrastructure for reputation checking. This behavior is fully disclosed in the skill's documentation and can be disabled by the user by setting the AIG_CLOUD_LOOKUP environment variable to off.
[PROMPT_INJECTION]: Processes data from tool outputs and remote API responses which represents an indirect prompt injection surface.
Ingestion points: Output from openclaw skills list and JSON responses from the matrix.tencent.com API.
Boundary markers: Not explicitly defined in the report generation templates.
Capability inventory: Includes shell command execution via the openclaw binary and network access via curl.
Sanitization: No explicit filtering or escaping of ingested data is described in the logic.

edgeone-clawscan