my_skill_management_skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ClawHub skill manager, but it can publish local skill contents and install remote skills without strong scoping or review controls.

Install only if you want an agent to help manage local OpenClaw skills and publish them to ClawHub. Before using it, manually review files for secrets or private prompts, confirm the destination account and visibility, and avoid using the helper on paths outside ~/.openclaw/skills or on untrusted remote skill slugs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The helper exposes an `install` command that can search for and install any remote ClawHub skill by arbitrary slug and optional version, which exceeds the stated scope of managing and publishing the user's custom local skills. In a skill-management context, this broadens the trust boundary to unvetted third-party content and can introduce supply-chain risk, especially if an agent or user invokes it with attacker-controlled input.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal