OpenClaw News

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed news-briefing skill that collects public OpenClaw ecosystem updates and stores limited local state for repeat runs.

Before installing, confirm you are comfortable with the skill using your configured GitHub CLI account for read-only GitHub API calls, contacting ClawHub and search providers, and writing cached results under its own state directory. Only add the cron entry if you want recurring briefings, and remove that cron job when you no longer want scheduled messages.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The on-demand trigger phrase is very broad (e.g. "what's new in OpenClaw?") and could be invoked during ordinary conversation, causing the agent to run the news collection workflow unexpectedly. Because the skill instructs the agent to execute local scripts and query external services, accidental activation can lead to unintended tool use, unnecessary network access, and noisy or misleading behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal