Is kanjartopnotch-ux/win-terminal safe?
https://github.com/openclaw/skills/tree/main/skills/kanjartopnotch-ux/win-terminal
This skill provides legitimate Windows terminal functionality but poses significant security risks due to its arbitrary command execution capability. While no malicious code was detected during installation and canary files remained intact, the skill's intended purpose of executing any shell command creates inherent security vulnerabilities that could be exploited if an attacker manipulates the LLM.
Findings (4)
HIGH Arbitrary Command Execution Capability -40
The skill's core functionality is to execute arbitrary shell commands on Windows systems through PowerShell or Windows Terminal. While this is the intended purpose, it poses significant security risks if the LLM is manipulated into executing malicious commands.
MEDIUM Command Execution Enables Data Exfiltration -30
While the skill doesn't explicitly attempt data exfiltration, its arbitrary command execution capability could be exploited to read sensitive files, access credentials, or send data to external systems if an attacker can influence the LLM's command generation.
MEDIUM Trust Model Security Concerns -40
The skill explicitly states it 'trusts command input' without detailed specification of input sanitization mechanisms. While it claims to block 'known dangerous patterns,' the specific protections are not detailed, creating potential attack vectors.
MEDIUM Potential Privilege Escalation Vector -20
The skill mentions that commands requiring Administrator privileges will request approval from the user. This could be exploited for privilege escalation if an attacker can manipulate the LLM into requesting elevated permissions for malicious commands.