Openclaw Deploy Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local deployment-notes helper that writes service records under memory/services and does not include executable code, credentials, or hidden network behavior.

Install only if you want the agent to maintain local deployment records. Keep using the skill’s own rule: record credential variable names or file paths only, never passwords, tokens, secret keys, or private config contents; also avoid storing unnecessary internal topology details in memory/services.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation criteria are broad enough that the skill may trigger on general service-related requests and perform file-based recordkeeping beyond what the user explicitly asked for. In an agent setting, ambiguous trigger scope increases the chance of unintended writes or disclosure of deployment metadata during routine conversations.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs the agent to create and update files under memory/services/ but does not warn the user that workspace data will be modified. Silent persistence is risky because deployment details, internal URLs, ports, and configuration locations may be stored without informed consent, creating durable sensitive metadata.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal