Security audit
ClawVitals
Security checks across malware telemetry and agentic risk
Overview
ClawVitals is a bounded, instruction-only OpenClaw security checker that runs a small disclosed set of local diagnostic commands and does not add persistence or storage.
Install only if you want a point-in-time security check of your OpenClaw setup. Run detailed reports in a private or administrator-only channel because they may reveal configuration weaknesses, and be aware that the update-status step may let the OpenClaw CLI check its update registry.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.