Loop Engine — Governed Loops for OpenClaw
Security checks across malware telemetry and agentic risk
Overview
This skill is a transparent workflow-governance integration with optional AI-provider examples, and its sensitive data flows are disclosed and purpose-aligned.
Safe to install for evaluation, especially in local governance mode. For provider-backed or production use, install only the adapters you need, verify the @loop-engine packages, use scoped API keys, redact sensitive evidence before LLM calls, and configure audit-log retention and access controls deliberately.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.