Security audit

Certainlogic Onboarding Wizard

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed onboarding helper that locally checks OpenClaw skills and writes reports or optional setup scripts, with no evidence of hidden install, credential use, exfiltration, or destructive behavior.

Install only if you are comfortable with a local tool enumerating your OpenClaw skills and writing reports under your OpenClaw workspace. Review any generated setup.sh before running it, and separately evaluate any recommended skills before granting them OAuth tokens, API keys, or account access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The suggested trigger phrases are generic natural-language commands such as "Run onboarding wizard" and especially role statements like "I'm a developer," which can plausibly appear in ordinary conversation. In systems that route skills based on conversational matching, this increases the chance of unintended invocation and unexpected environment scanning or recommendation behavior without clear user intent.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README advertises automatic scanning of OS, OpenClaw version, and installed skills, including reading from the user's local skills directory, but does not prominently warn that local system information will be accessed. Even if the data collected is relatively limited, users may not realize that invoking the skill authorizes inspection of local environment details, which creates a privacy and consent issue.

Vague Triggers

Medium

Confidence: 74% confidence
Finding: The trigger phrases are very generic, such as 'I'm a developer' and 'Set up my business assistant', which increases the chance of accidental invocation during ordinary conversation. If the skill performs environment scanning or external availability checks on activation, unintended runs could disclose local environment details or cause unwanted network activity without clear user intent.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The description advertises broad capabilities such as environment scanning, skill detection, setup scripts, verification, weekly checkups, and team export without clearly constraining scope, permissions, or safety boundaries. In an onboarding context, this kind of ambiguous activation language can normalize high-trust execution and data collection, increasing the risk that users or orchestrators invoke sensitive operations without informed consent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.