Back to skill

Security audit

OnDeckLLM

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local dashboard skill for managing LLM provider routing, with expected local config access and no evidence of hidden or destructive behavior.

Install only if you trust the OnDeckLLM npm package. Before using the dashboard, understand that it is not read-only: dashboard changes can sync back to your OpenClaw provider/routing config, and local settings, profiles, and usage logs may remain under `~/.ondeckllm/`.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documentation says the dashboard syncs changes back to `~/.openclaw/openclaw.json` and stores usage data under `~/.ondeckllm/`, but it does not prominently warn that using the UI can modify the user's provider configuration and persist local logs. This can lead to unintended configuration changes, exposure of provider metadata, or retention of sensitive usage/cost information without informed user consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
scripts/status.js:15