Session Persistence
Medium
- Category
- Rogue Agent
- Content
1. **No active cron references it** ```bash crontab -l | grep filename openclaw cron list | grep filename ```
- Confidence
- 85% confidence
- Finding
- crontab -l
File Management (Brian)
Security checks across malware telemetry and agentic risk
Overview
This skill audits and organizes local OpenClaw workspace files, with no evidence of hidden persistence, network exfiltration, or automatic deletion.
Install only if you are comfortable with a local audit tool that lists files, sizes, timestamps, and workspace structure. Run the script against a workspace you intend to review, avoid sharing raw audit output if it includes private filenames or logs, and treat all cleanup steps as manual actions after making a backup or git savepoint.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Rogue AgentSelf-Modification, Session Persistence
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)
Session Persistence
Medium
- Category
- Rogue Agent
- Content
- [ ] Check if loaded by any skill - [ ] Check git history for recent changes (may indicate active use) - [ ] Document what the file did (in case of rollback need) - [ ] Create git commit with message describing removal - [ ] Use `trash` not `rm` (recoverable) ---
- Confidence
- 60% confidence
- Finding
- Create git commit with message describing removal - [ ] Use `trash` not `rm` (recoverable) --- ## Directory Conventions ### memory/ Daily session logs and working context. - `YYYY-MM-DD.md` - One
VirusTotal
65/65 vendors flagged this skill as clean.