ClawHub

Openclaw Continuous Learning

Security checks across malware telemetry and agentic risk

Overview

This skill locally analyzes OpenClaw session logs and stores local learning summaries as advertised, with privacy caveats but no evidence of hidden transfer or destructive behavior.

Install this only if you want local learning from prior OpenClaw sessions. Before running it, review or scrub sensitive session logs, avoid optional cron scheduling until you understand what it records, and periodically inspect or delete the generated memory/learning files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list uses very broad phrases like "pattern detection," "session analysis," and "agent optimization," which could cause the skill to activate during ordinary conversations that merely mention those concepts. In this skill's context, unintended activation is more dangerous because the skill is designed to inspect session history and persist derived learning data, potentially causing unexpected analysis of sensitive interactions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explains that it reads session history and stores learnings, but it does not clearly warn that sessions may contain secrets, personal data, credentials, or other sensitive content that will be processed and written into new files. Because the skill is specifically built for long-term behavioral analysis, omission of privacy and data-handling warnings increases the risk of unintentional retention and propagation of sensitive information.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script enumerates per-agent session history under ~/.openclaw/agents, parses message and tool activity, extracts errors, and stores derived "instincts," patterns, and optimizations to persistent files in the workspace. There is no consent check, disclosure, minimization, or access control in the script, so potentially sensitive user/session data can be silently profiled and retained beyond its original purpose.

VirusTotal

No VirusTotal findings

View on VirusTotal