ClawHub

Openclaw Skills Setup Cn

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese-language ClawHub setup and skill-management guide, with broad triggers that merit caution but no hidden execution or malicious behavior.

Install this only if you want a ClawHub/OpenClaw setup helper. Before running suggested commands, inspect any skills being installed, avoid bulk install or update-all commands on stable environments unless you accept behavior changes, and confirm global package or mirror configuration changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases for skill discovery are very broad and closely match common user requests such as asking what skills exist or searching for one. In an agent environment, this can cause the skill to activate in many unrelated contexts, leading to overreach, untrusted workflow interception, or steering users into package discovery/install flows they did not explicitly request.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill-management triggers are ambiguous because phrases like '安装技能', '更新技能', and '管理技能' are generic and may overlap with ordinary conversational requests. This increases the chance that the skill handles requests outside its intended boundary and could influence installation or management actions for external content without sufficiently explicit user intent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation examples are overly broad and map to common, non-specialized user requests such as asking what skills are available or finding a skill. This can cause the skill to trigger in situations where the user did not explicitly ask to manage ClawHub, increasing the chance that the agent steers users into package discovery and installation flows unnecessarily.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal