QClaw Restart

Security checks across malware telemetry and agentic risk

Overview

This skill transparently restarts QClaw on Windows after confirmation, with the main risk being interruption of the current session.

Install only if you want an agent-assisted QClaw restart on Windows. Save work first, expect the current QClaw session to be interrupted, and approve the restart only when the confirmation clearly names QClaw.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger phrases include very broad expressions such as “重启一下” and “重启你自己,” which can easily match ordinary conversation or ambiguous user intent. In an agent context, that can cause unintended invocation of a destructive operational action that terminates the current session and force-stops processes, even though the skill does require confirmation before execution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal