Security audit

OpenClaw 16 MBTI

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable MBTI persona-writing skill with some risky advice style in one profile, but no hidden access, persistence, credential use, or install-time behavior.

Install only if you want MBTI-flavored writing or brainstorming. Review outputs carefully for legal, compliance, HR, platform-policy, financial, or high-stakes business decisions, especially when using ESTP or ENTP personas. Treat the skill as style guidance, not neutral professional advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The profile explicitly frames rule-bending and gray-area tactics as characteristic and useful behavior, which can steer the model toward recommending non-compliant actions. In a persona/configuration skill, this exceeds harmless style emulation and introduces behavior-shaping guidance that normalizes circumvention.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The system prompt instructs the model to 'break rigid processes' and seek shortcuts and tactical loopholes, which is direct operational guidance toward circumvention-oriented advice. Because system-level persona instructions strongly shape downstream outputs, this can cause the assistant to produce unsafe recommendations in unrelated user contexts.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The example explicitly recommends exploiting a gray-area platform tactic and preplanning rollback and apology if caught, which operationalizes policy evasion rather than merely describing a personality style. Including a worked example makes misuse easier by providing a reusable pattern for violating rules while minimizing consequences.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill allows behavior to be triggered from inferred intent and omitted parameters without a strict activation boundary, which can cause the agent to silently enter persona-selection logic when the user did not explicitly request it. In practice, this increases the risk of unintended instruction routing, misapplication of persona constraints, and policy bypass-by-ambiguity if sensitive requests are reinterpreted as ordinary style tasks.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The mandated exact refusal and output templates are effectively fixed in Chinese, regardless of the user's language, which can undermine transparency and safe handling by making refusals or critical safety guidance less understandable to some users. While this is not a classic code-execution issue, it is a real safety/usability weakness because users may miss or misunderstand important boundaries and instructions.

Natural-Language Policy Violations

Medium
Confidence
88% confidence
Finding
The profile is written to enforce a Chinese-language persona and communication style without indicating that output language should follow user preference or system locale. This can override user expectations, reduce usability, and create prompt-behavior conflicts in multilingual environments, though it is not a direct code-execution or data-exfiltration risk.

Ssd 4

Medium
Confidence
94% confidence
Finding
Across the prompt and examples, the persona repeatedly presents bypassing rules and gray-area tactics as savvy, effective, and desirable. This cumulative framing can shift model behavior over time toward normalizing policy evasion, especially when users ask for business, negotiation, or growth advice under this persona.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.