ClawHub

Debug Prompt Driven Cron Agent Zero Output

Security checks across malware telemetry and agentic risk

Overview

This is a documented troubleshooting guide for OpenClaw cron jobs that may inspect local logs and notes, with no executable code or hidden install behavior.

Install only if you want this specific cron zero-output debugging workflow. Before following it, confirm the task really involves OpenClaw cron or agentTurn plus Discord/Obsidian output, and review any suggested local file searches so they stay limited to the relevant logs, workspace, and daily-note files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description says it should trigger whenever users mention broad symptoms like a task 'ran but output is empty' or wanting to 'locate a retrieval-chain breakpoint,' which can overlap with many ordinary debugging requests. Over-broad activation can cause the agent to invoke a highly specific investigative workflow in inappropriate contexts, increasing the chance of unnecessary access to local files, logs, and environment-specific paths described in the skill.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The 'When to use this skill' section lists suggestive keywords and scenarios but does not define strong exclusion boundaries, so the skill may be selected for loosely similar troubleshooting tasks. In this skill, that ambiguity is more dangerous because the subsequent steps direct inspection of sensitive local paths, run records, workspace contents, and user documents, making accidental overreach more likely.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal