OpenClaw Copilot CLI Wrapper

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Copilot CLI wrapper, but it defaults users toward broad autonomous access to local files, tools, and URLs.

Install only if you are comfortable letting an agent invoke GitHub Copilot CLI with broad local and network permissions. Prefer narrower `--allow-tool`, `--allow-url`, and path-scoped options where possible, avoid `--allow-all`/`--yolo` on sensitive repositories, and review logs/session files before sharing or storing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

High

Confidence: 97% confidence
Finding: The skill explicitly recommends running Copilot with `--allow-all`, which removes safeguards around tools, paths, and URLs while omitting any strong warning about shell, file-system, or network side effects. In an agent context, this can enable broad autonomous actions based on natural-language prompts, increasing the chance of destructive commands, sensitive file access, or unreviewed outbound requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal