Skill Cortex Pub

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it deserves review because it can add and run other skills from external sources and keep persistent routing memory that affects future behavior.

Install only if you are comfortable letting the agent propose temporary third-party skills for tasks it cannot handle. Before approving any candidate, check its source, version, scan status, requested permissions, and side effects, and periodically inspect or reset ~/.openclaw/skill-cortex/cortex.json if routing or reflex behavior seems wrong.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger condition 'when installed Skills cannot complete the current task' and 'If you can handle it yourself, just do it' is subjective and underspecified, making activation dependent on unclear self-assessment. In a skill that can search external sources and install new capabilities, ambiguous triggering increases the chance of unnecessary or premature acquisition flows, expanding the attack surface and potentially leading to unreviewed capability escalation attempts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal