Security audit
OpenClaw Model Usage (Linux)
Security checks across malware telemetry and agentic risk
Overview
This skill locally analyzes OpenClaw usage logs for token and cost reporting, with no evidence of network transfer or destructive behavior.
Install if you are comfortable with a local script reading your OpenClaw session logs, including limited message text used to infer channels, and saving local usage snapshots for later comparisons. Expect local files to be modified when the report runs; the reviewed artifacts do not show network transmission, credential access, destructive actions, or hidden persistence.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.