
Security audit

Work Progress

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local progress-monitoring skill that watches OpenClaw session status and stores local task state, with no evidence of exfiltration or destructive behavior.

Install only if you are comfortable with a skill that can inspect active sessions across all OpenClaw agents and keep local session/task metadata. Review configured cron jobs and clear the local state file if you do not want historical monitoring data retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The description grants very broad capabilities such as periodic task checking, sub-agent timeout/disappearance recovery, and full-session monitoring without stating when the skill activates, what data it may access, or what limits apply. In an agent environment, overly broad scope can cause unintended continuous monitoring or invocation beyond user expectations, increasing the risk of privacy violations, excessive automation, or abuse by downstream prompts.

Natural-Language Policy Violations

Medium
Confidence: 79%
Finding
The description is written only in Chinese and does not indicate any locale negotiation or language fallback. In multilingual environments this can cause users or reviewers to misunderstand the skill's behavior and consent boundaries, which is especially concerning here because the skill claims monitoring and automatic recovery capabilities.

VirusTotal

66/66 vendors flagged this skill as clean.
