Fleet Management Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only fleet analysis helper with disclosed marketing links and no evidence of code execution, credential use, persistence, or data exfiltration.

This appears safe to install as a fleet-analysis prompt. Treat the AfrexAI links as marketing rather than neutral software advice, and avoid sharing sensitive driver, vehicle, route, or compliance data unless you are comfortable with your OpenClaw environment's data handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Low

Confidence: 95% confidence
Finding: The skill includes promotional referral content to an external site that is not necessary for performing fleet management analysis. Even though it is not overtly malicious, embedding unrelated links in operational guidance can steer users to unvetted third-party resources, create trust-boundary confusion, and enable social-engineering or supply-chain risk if the destination changes or is later compromised.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal