openclaw-code-review-skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a purpose-aligned code review skill whose GitHub PR comment posting is disclosed, though users should treat public comment publication carefully.

Before using the comment-publishing option, review the generated text for secrets, internal details, and accuracy, and make sure you intend to post it to the target GitHub repository where others may see it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README explicitly promotes publishing generated review output as GitHub PR comments, which sends model-generated content to an external repository surface, but it does not warn users about visibility, persistence, or the possibility of leaking sensitive code, internal findings, or inaccurate claims. In a code-review skill, this matters more because the generated content is derived from repository diffs and may include proprietary details or security-sensitive observations.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The example instructs the agent to review a PR and then publish a comment, but it does not call out that this is an outbound action that posts generated text to GitHub. That omission increases the risk of unintentional data disclosure or reputational harm from posting incorrect/security-sensitive review content, especially in a workflow centered on analyzing live pull requests.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal