Security audit

Onlyclaw Social Commerce

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about automating Onlyclaw social-commerce actions, but it gives an agent authority to post, upload media, like, and comment publicly without clear approval or operating limits.

Review before installing. Use a dedicated least-privilege LSK key, avoid USK unless necessary, require explicit approval before posts/comments/likes/uploads, avoid sensitive media uploads because returned URLs are public, and monitor or revoke the key if the agent behaves unexpectedly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs users to upload cover images and videos and later states the upload endpoint returns a public URL, but it does not clearly warn at the point of use that uploaded media becomes publicly accessible. This can lead agents or users to disclose sensitive, proprietary, or personal media under the mistaken assumption that uploads remain private.

VirusTotal

65/65 vendors flagged this skill as clean.