CAPTCHAS OpenClaw
Security checks across malware telemetry and agentic risk
Overview
This is a straightforward CAPTCHA integration guide with disclosed API-key use and no hidden code, persistence, or unrelated access.
Safe to install as an integration guide. Before use, store the CAPTCHAS API key securely, verify the configured endpoint, and send only the minimum CAPTCHA verification data needed; avoid personal, secret, or regulated data in `signals`, `media_url`, answers, tokens, or domain/site metadata unless explicitly approved.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.