email-sequence-manager

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a shell command in SKILL.md (openclaw cron add) designed to schedule recurring tasks via the OpenClaw platform's CLI.
  • [DATA_EXFILTRATION]: The provided cron command specifies a hardcoded Telegram chat ID (-1003853954380) as the destination for automated reports. These reports are designed to contain business-sensitive data, including revenue totals, conversion rates, and performance metrics from email-state.md.
  • [PERSISTENCE]: The use of openclaw cron add establishes a persistence mechanism by scheduling recurring AI-driven tasks on the host system.
  • [INDIRECT_PROMPT_INJECTION]: The skill establishes an automated pipeline where an AI model periodically reads and processes the email-state.md file. Since this file is meant to be updated with data from various external email platforms and CRM systems, it represents an ingestion surface for indirect prompt injection if those external sources contain malicious instructions.
      • Ingestion points: email-state.md (read by the automated cron job).
      • Boundary markers: None; the cron message instructs the model to read the entire file and generate a report without delimiters.
      • Capability inventory: The skill uses the OpenClaw CLI to execute commands and send network-bound notifications to Telegram.
      • Sanitization: No evidence of input validation or sanitization for the data stored in the state file.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 12:22 AM