Self-Integration

Security checks across malware telemetry and agentic risk

Overview

The skill transparently uses Membrane to control connected apps, but its scope is very broad and can run high-impact actions without clear built-in confirmation rules.

Install only if you intentionally want OpenClaw to use Membrane as a broad bridge into your connected apps. Use the least-privileged Membrane token and connected accounts possible, and require explicit user confirmation before creating connections or connectors, posting content, syncing/exporting data, modifying business records, or running destructive actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill is described as applicable to essentially any request involving external apps and any API operation, which makes it likely to auto-trigger for broad, ordinary user requests. In this context, the skill holds a high-privilege Membrane token and can create connections, build actions, and execute operations across many third-party services, so an overly broad trigger increases the chance of unintended invocation and data transfer to an external platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal