Model Failover Guard

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it can automatically test, switch, and restore OpenClaw models, with the main risk being intentional automatic provider/model changes while it runs.

Install only if you want a guard that can automatically change your OpenClaw default model and restart the gateway. Before using loop or service mode, review config.json, set excludedProviders for providers you do not want used, consider backing up ~/.openclaw/openclaw.json, and run once mode first to observe behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documentation describes automatic failover, failback, and daemonized monitoring, but it does not clearly warn users that running it may continuously modify the active model selection and keep operating in the background. This can lead to unexpected configuration changes, increased costs, altered privacy/compliance posture if traffic shifts to other providers, and operational confusion because the fallback may be chosen from all configured models.

VirusTotal

65/65 vendors flagged this skill as clean.
