ClawHub

ClawTime Setup

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for installing ClawTime, but it deserves review because it gives mutable external app code meaningful OpenClaw gateway access and has weak secret and reset handling.

Install only if you trust the ClawTime GitHub repository and its npm dependencies, since downloaded code will receive gateway credentials. Use a dedicated or least-privileged OpenClaw token if available, verify the Cloudflare URL before running generated scripts, treat setup-token links as temporary secrets, keep TTS disabled unless command handling is verified, and back up device keys or credentials before running reset commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The instructions tell users to pass GATEWAY_TOKEN and SETUP_TOKEN directly on the command line and to use the setup token in a query string. Command-line secrets can leak via shell history and process listings, while query-string secrets can be exposed in browser history, logs, referrers, screenshots, and proxy/CDN telemetry.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The document includes a destructive 'nuclear reset' sequence that deletes a local authentication key and kills matching Node processes without an explicit warning, confirmation step, or safer recovery guidance. In an agent skill context, these commands may be surfaced or executed as troubleshooting steps, creating a real risk of accidental credential loss, forced re-enrollment, downtime, or termination of unrelated processes.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The troubleshooting guidance instructs users to delete `~/.clawtime/device-key.json` and restart, which destroys the current device identity and can require re-approval or re-registration. While limited in scope to an app-specific file, it is still a destructive reset step presented without an explicit warning about consequences, making accidental disruption more likely.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Overwriting `~/.clawtime/credentials.json` with `[]` irreversibly removes all stored passkey registrations for the application. The document labels this as 'Reset all passkeys' but does not clearly warn about permanent loss of all enrolled credentials and the need to re-register every user/device.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal