Session Persistence
Medium
- Category
- Rogue Agent
- Content
1. **No active cron references it** ```bash crontab -l | grep filename openclaw cron list | grep filename ```
- Confidence
- 85% confidence
- Finding
- crontab -l
File Management by Brian
Security checks across malware telemetry and agentic risk
Overview
This skill is a local workspace organization and audit helper, and its files match that purpose without hidden persistence or data exfiltration.
Safe to install for workspace auditing if you are comfortable with it reading and printing local workspace file paths and sizes. Review audit output before sharing it, and treat cleanup instructions as manual guidance rather than automatic deletion.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Rogue AgentSelf-Modification, Session Persistence
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)
Session Persistence
Medium
- Category
- Rogue Agent
- Content
- [ ] Check if loaded by any skill - [ ] Check git history for recent changes (may indicate active use) - [ ] Document what the file did (in case of rollback need) - [ ] Create git commit with message describing removal - [ ] Use `trash` not `rm` (recoverable) ---
- Confidence
- 60% confidence
- Finding
- Create git commit with message describing removal - [ ] Use `trash` not `rm` (recoverable) --- ## Directory Conventions ### memory/ Daily session logs and working context. - `YYYY-MM-DD.md` - One
VirusTotal
65/65 vendors flagged this skill as clean.