clawgo-upload

Security checks across malware telemetry and agentic risk

Overview

This skill uploads files to clawgo.me, but it may expose sensitive workspace/profile files without enough review and consent guidance.

Install only if you intentionally want selected local files uploaded to clawgo.me. Before use, require the agent to list the exact files and archive size, remove secrets and personal/profile data, and avoid uploading workspace context files such as USER.md, TOOLS.md, AGENTS.md, or SOUL.md unless you have reviewed and redacted them. Treat the clone link as accessible to anyone who has the key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrases are broad enough to match ordinary requests like sharing or moving files, which can cause this skill to activate in situations where the user did not clearly intend remote exfiltration to a third-party service. In the context of a skill that zips and uploads local data, overbroad invocation increases the chance of unintended disclosure.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to upload local files to an external service but does not require an explicit warning or consent flow about remote transfer, persistence, and the fact that re-uploading to the same key replaces prior server content. This is dangerous because users may believe they are performing a local packaging action when they are actually transmitting potentially sensitive data off-host.

Ssd 3

High
Confidence: 99%
Finding
This section explicitly recommends uploading OpenClaw workspace files containing identity, guardrails, tool policy, routing hints, and user context to an external sharing service under a benign 'share/back up/move' framing. Those files are highly sensitive operational artifacts; exposing them can leak system prompts, security constraints, tool access details, and user/session data that could enable prompt injection, policy bypass attempts, credential discovery, or targeted follow-on attacks.

VirusTotal

64/64 vendors flagged this skill as clean.
