Volcengine (Volcano Engine)

Security checks across malware telemetry and agentic risk

Overview

This is a documentation/configuration skill for using Volcano Engine models. It contains the expected API-key and remote-API examples, and no hidden or automatic risky behavior was found.

Install only if you intend to use Volcano Engine as an OpenClaw model provider. Use a restricted API key, prefer environment variables or a secret manager, do not commit .env or openclaw.json files containing real keys, and avoid sending sensitive prompts or files in connection tests unless you accept Volcengine's data handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The document explicitly advises never committing API keys, yet the complete configuration example embeds a secret-like value under the `env` section. Even though the value is a placeholder, this normalizes storing credentials directly in config artifacts that are likely to be copied into repositories or shared files, increasing the chance of real secret exposure.

Missing User Warnings

Medium
Confidence: 92%
Finding
The examples show API keys being placed directly in `openclaw.json` and a local `.env` file without a prominent warning about accidental disclosure through source control, backups, logs, or shared home directories. This is risky because users often copy documentation verbatim, turning illustrative examples into real insecure secret-handling practices.

Missing User Warnings

Medium
Confidence: 84%
Finding
The test script performs an authenticated POST to a third-party API and sends user-provided prompt content, but the surrounding instructions do not clearly disclose that prompts and returned content will leave the local environment. This is primarily a transparency and privacy issue: users may unknowingly transmit sensitive test data to a remote service.

VirusTotal

64/64 vendors flagged this skill as clean.
