OpenClaw Orchestrator — Finance & Python Team
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only orchestration skill that matches its stated purpose, with no executable install behavior, but it depends on local reference files and may route work to external models.
Before installing, confirm that the local AGENTS.md, MEMORY.md, and referenced skills/orchestrate/ref_*.md files are trusted. Avoid giving it credentials, sensitive financial data, or proprietary code unless you are comfortable with sub-agent delegation and the configured external model provider.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.