channel-file-send

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing the openclaw command-line tool to perform file operations. It provides a specific command pattern, openclaw message send --channel '<current-channel>' --target '<current-target>' --media '<local-file-path>', which allows the agent to run shell commands with parameters derived from context or user input.
  • [DATA_EXFILTRATION]: The skill is designed to send local files to an external chat service. It explicitly allows sending any file type, including project artifacts and documents from the user's Desktop or Documents folders. There are no path validation rules or blacklists (e.g., for .ssh, .env, or .aws/credentials), which enables the exfiltration of sensitive information.
  • [PROMPT_INJECTION]: The skill uses highly permissive triggers, including casual phrases like "send it over" or "丢给我," and instructs the agent to prioritize this behavior even when the user does not explicitly mention APIs. This broad activation logic increases the risk of indirect prompt injection, where malicious instructions hidden in a file or webpage could trick the agent into sending sensitive data to the attacker's channel.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 01:38 PM