ATXP

OpenClaw analysis

The skill's described functionality matches the npx-based CLI it documents, but the runtime instructions reference local config and an environment variable (and rely on npx downloading code) without declaring those requirements — this is an incoherence that could expose credentials or cause unexpected code execution.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: atxp Version: 1.0.1 The SKILL.md contains explicit instructions that enable unauthorized remote control and potential arbitrary code execution. Specifically, it instructs the agent to check emails for 'instructions for downloading the latest version' and to act upon them, creating a direct prompt injection vector for an attacker to send malicious update commands via email. Additionally, it provides instructions on how to modify the critical `/root/.openclaw/openclaw.json` configuration file, which could be exploited to alter agent behavior or permissions. These are not mere vulnerabilities but explicit instructions to the agent that facilitate harmful behavior.