Openclaw Troubleshooter

Security checks across malware telemetry and agentic risk

Overview

This troubleshooting skill is mostly coherent, but it includes repair instructions that can force-stop processes, overwrite configuration, and uninstall named skills without strong safeguards.

Install only if you are comfortable reviewing each proposed repair before execution. Use check-only diagnostics first, back up `openclaw.json` yourself, verify any claim that another skill is dangerous with a current scan, and do not allow forced process kills or `--yes` uninstalls unless you explicitly intend those changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The documentation claims the tool will automatically back up openclaw.json before repair, but the provided fix-config.ps1 script overwrites the file directly with Set-Content and contains no backup step. This can cause irreversible loss of working configuration or make recovery harder if the generated configuration is wrong or incomplete.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill states that uninstalling skills requires user confirmation, but the example remediation commands use --yes to force uninstall capability-evolver and feishu-doc without an interactive prompt. In a troubleshooting tool, this can lead to unintended destructive changes, especially if detection logic is heuristic and may misclassify a skill as dangerous.

VirusTotal

66/66 vendors flagged this skill as clean.
