Skill 自动沉淀 (Automatic Skill Consolidation)

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates creating, updating, and publishing persistent agent skills, but it does not require user approval before changing future agent behavior.

Install only if you intentionally want the agent to maintain reusable skills from prior work. Before using it, require manual review for every new or updated SKILL.md, check for secrets or task-specific private details, and confirm exactly where clawhub publish sends the result.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill directs the agent to scan local skill directories, create or modify files under ~/.openclaw/skills, and publish them via clawhub, but it does not require explicit user consent or even a warning before making those persistent filesystem changes. Because this behavior is triggered automatically after task completion, it can cause unintended local state changes, overwrite or alter existing skills, and publish potentially sensitive or low-quality content without the user's knowledge.

VirusTotal

66/66 vendors flagged this skill as clean.
