OpenClaw Skill Builder (Based on Claude)

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only helper for creating and auditing skills; it has some broad wording users should review, but no hidden code, installs, credentials, or data access.

Safe to install as a skill-authoring helper. Before accepting changes it proposes, review SKILL.md diffs for narrow trigger phrases, clear boundaries, scoped tool permissions, and any instructions that would persistently change how agents behave.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger phrase at this location is broad enough to match many ordinary workspace requests, which can cause the meta-skill to activate when the user did not intend to create or audit skills. Because this is a meta-skill that influences how other skills are created or updated, accidental activation can propagate poor scoping or override more appropriate task-specific behavior.

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The example guidance endorses generic wording that could be copied into new skills, teaching authors to use triggers that are too broad for safe routing. In a skill-builder context, this is more dangerous than in an ordinary document because it can systematically reproduce overbroad activation patterns across many downstream skills.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal