OpenClaw Shield

Security checks across malware telemetry and agentic risk

Overview

This is a coherent security-monitoring skill that discloses its external telemetry and sensitive log access, with some operational commands users should run carefully.

Install this only if you are comfortable trusting the external UPX Shield plugin and sending redacted agent activity telemetry to UPX. Treat the installation key as a secret, avoid sharing raw logs unless needed for an investigation, confirm case close/resolve actions before they happen, and run the optional local data deletion command only when intentionally removing Shield history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The skill states a safety constraint that the agent must only use `openclaw shield` commands and must not install/uninstall packages, but elsewhere provides operational instructions that direct installation, uninstallation, and filesystem deletion. This creates contradictory guidance that can cause an agent to take state-changing actions outside the declared safe command boundary, increasing the chance of unauthorized software changes or destructive cleanup.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README explicitly promotes operational commands including `flush`, vault inspection, and case management without explaining their side effects, required privileges, or when they should be used. In a security-monitoring skill, undocumented destructive or privacy-impacting commands can lead an agent or user to clear evidence, alter security state, or expose sensitive data during routine troubleshooting.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill explains that it captures agent activity and sends redacted telemetry to an external platform, but this disclosure appears after operational guidance rather than as a prominent upfront warning. In a security-monitoring context, delayed disclosure can lead users to enable or use telemetry features without clear, informed awareness of data collection and external transmission.

VirusTotal

66/66 vendors flagged this skill as clean.
