ClawHub

Openclaw Cc Rules Gitee

Security checks across malware telemetry and agentic risk

Overview

This skill is a visible coding-workflow ruleset that broadly affects programming sessions but does not include hidden code, credential access, exfiltration, or destructive behavior.

Install this only if you want OpenClaw to consistently apply this structured workflow in coding sessions. Expect it to influence future programming conversations until removed or disabled, and inspect the external GitHub repository first if installing by clone rather than from the reviewed artifact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
89% confidence
Finding
The README states the skill will automatically invoke for essentially any programming-related content, which is an overly broad trigger surface. Broad auto-activation increases the chance that the skill overrides user expectations, interferes with unrelated tasks, or applies risky coding/git behaviors in contexts where explicit opt-in and scope checks should be required.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Saying the skill activates whenever OpenClaw detects 'programming-related scenarios' is ambiguous and lacks bounded scope. In agent systems, vague trigger rules can cause unexpected behavior carryover into sensitive sessions, especially when the skill later prescribes edits, planning constraints, and git operations.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill auto-activates for very broad categories like coding, debugging, review, Git operations, and project setup, which are common requests. This can cause the skill to override or steer many unrelated sessions without explicit user consent, increasing the chance that its operational constraints or behaviors are applied unexpectedly.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal