Back to skill

Security audit

Virtual Box Manager

Security checks across malware telemetry and agentic risk

Overview

This skill matches its VirtualBox management purpose, but its helper script can turn VM names or paths into unintended shell commands on the host.

Install only if you intentionally want OpenClaw to administer local VirtualBox VMs. Review exact commands before running actions that delete VMs, power off or reset guests, change networking, add shared folders, import/export appliances, or use guestcontrol. Avoid using the included TypeScript helper with untrusted VM names, file paths, snapshot names, or rule names until it is changed to use execFile/spawn with argument arrays and input validation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill documents irreversible and destructive VM deletion operations, including `unregistervm --delete`, without prominently warning that this can permanently remove VM disks and associated data. In an automation context, users may invoke these commands through an agent without understanding the consequences, increasing the risk of accidental data loss.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill includes hard-stop operations like `poweroff` and `reset` without warning that they can corrupt guest filesystems or lose in-flight data. Because this skill is designed for direct operational control of VMs, omission of safety guidance makes accidental misuse more likely in production or stateful guest environments.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guest control examples embed plaintext usernames and passwords directly on the command line and demonstrate sensitive guest file manipulation. This is dangerous because credentials may leak through shell history, process listings, logs, or agent transcripts, and the file operations could expose or alter sensitive guest data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.