ClawHub
Back to skill

Security audit

Oc Call

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned, but it forwards user prompts to a hardcoded HTTP endpoint with a hardcoded token and persistent session key, so users should review it before installing.

Install only if you own or fully trust the OpenClaw Gateway at 192.168.123.106 and the local network path to it. Avoid sending secrets through this skill unless you replace the hardcoded URL/token, prefer HTTPS, and understand that ~/.oc_session keeps continuity across requests until cleared.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill documentation describes capabilities that perform network access to a remote host, write a local session file, and invoke external tooling, yet no explicit permissions are declared. This creates a transparency and governance gap: users and platforms may not realize the skill can exfiltrate prompts over the network and persist state locally, increasing the chance of unintended data exposure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends user prompts over plain HTTP to a remote machine on the local network and persists session state locally, but the description does not clearly warn users of either behavior. In this context, that omission is security-relevant because users may submit sensitive data without understanding it will transit unencrypted and be linked across sessions.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script sends user prompts and a persistent session identifier to a remote service over plain HTTP to an internal host, with no user-facing disclosure or consent flow. This creates confidentiality and privacy risk because prompts can contain sensitive data and HTTP traffic can be intercepted or modified by anyone with network position on the internal segment.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal