Skills Compat
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward compatibility helper that reads selected skill metadata and exports tool definitions, with no evidence of hidden network access, persistence, credential access, or destructive behavior.
This appears reasonable to install for converting or inspecting OpenClaw skill metadata. Point it only at skill directories you intend to inspect, review exported tool definitions before importing them into another agent system, and ensure any application using execute_tool validates parameters and asks for approval before running powerful host-registered handlers.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.