company-briefing
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation includes instructions for executing `setx` commands with the `/M` flag to configure system-wide environment variables. This requires administrative privileges and establishes a persistent configuration on the host machine.
- [COMMAND_EXECUTION]: The skill mandates that the agent save generated Markdown reports to a specific hardcoded absolute path on the local filesystem (`D:\ai-openclaw\docs\`).
- [EXTERNAL_DOWNLOADS]: The skill fetches content from external web sources via Baidu and utilizes well-known technology services including Tavily AI and OpenAI for its core research functionality.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. Ingestion points: Web search results and third-party website content are brought into the agent context. Boundary markers: The skill does not define delimiters or instructions to ignore commands within the fetched data. Capability inventory: The agent has the ability to write files to the local disk and transmit data to external APIs. Sanitization: No sanitization or validation of the ingested external content is mentioned.