OpenClaw P2P

Security checks across malware telemetry and agentic risk

Overview

This skill is meant for peer-to-peer agent messaging, but it should be reviewed before installation: it can send data to external peers, and the implementation it actually runs (dist/index.js) is not included in the reviewed artifact, so the scan below covers only the manifest and description, not the executed code.

Install only if you trust the publisher and can inspect or otherwise verify the missing dist/index.js implementation it runs. Do not send secrets, credentials, private files, customer data, or internal project context through this skill unless the peer is verified and the transfer is explicitly approved. Check how to remove or rotate the persisted identity and any transcripts before using it on shared or sensitive systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 86%
Finding: The skill invokes environment-dependent code paths (`$HOME`, external `node` execution) but does not declare corresponding permissions or capability requirements. This creates a transparency and governance gap: an orchestrator or user may believe the skill is low-risk while it can access local environment context and execute tooling that may interact with persisted identity and network state.

Vague Triggers

Severity: Medium
Confidence: 76%
Finding: The description is broad enough to match many routine collaboration, messaging, discovery, or delegation requests, which can cause the skill to be invoked in contexts where users did not intend external peer-to-peer communication. Because this skill reaches a public decentralized network and can message other agents, over-broad triggering materially increases the chance of unintended data sharing or external interaction.

Missing User Warnings

Severity: High
Confidence: 95%
Finding: The skill describes public-network messaging, file transfer, persisted identity in `~/.openclaw/p2p-identity.json`, and local transcript generation, but provides no explicit warning about privacy, retention, or the sensitivity of data sent to peers. In this context, that omission is especially dangerous because the skill is designed for external communication with unknown agents over public relays, making accidental disclosure of secrets, personal data, or proprietary material substantially more likely.
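The Overview's advice (verify the missing dist/index.js before installing; know how to remove or rotate the persisted identity) and the identity path named in this finding can be turned into a pre-install check. The script below is an added example, not code from the OpenClaw P2P skill, its publisher or SkillSpector. It assumes the skill is unpacked into a directory, that you hold a publisher-supplied SHA-256 for the entrypoint (the pinned value is hypothetical), and that transcripts, whose location the scan does not give, sit under ~/.openclaw next to the identity file it does name.

```shell
#!/bin/sh
# Added pre-install audit for a skill whose entrypoint was absent from the
# reviewed artifact. Not part of the OpenClaw P2P skill or the scanner.
# Assumptions: the skill is unpacked into a directory; you hold a
# publisher-supplied SHA-256 for the entrypoint (hypothetical pinned value);
# transcripts, whose location the scan does not give, are assumed to sit
# under ~/.openclaw next to the identity file the scan does name.

# check_entrypoint DIR RELPATH EXPECTED_SHA256
# 0 = present and matches; 1 = present but hash differs; 2 = missing.
check_entrypoint() {
  _dir=$1; _rel=$2; _want=$3
  _f="$_dir/$_rel"
  if [ ! -f "$_f" ]; then
    echo "MISSING: $_rel not in artifact; nothing to review, do not install" >&2
    return 2
  fi
  _have=$(sha256sum "$_f" | cut -d' ' -f1)   # macOS: shasum -a 256
  if [ "$_have" != "$_want" ]; then
    echo "MISMATCH: $_rel sha256=$_have expected=$_want" >&2
    return 1
  fi
  echo "OK: $_rel matches pinned hash"
}

# count_risky_calls FILE
# Number of occurrences of constructs behind the scanner's External
# Transmission / Env Variable Harvesting patterns; nonzero means read that code.
count_risky_calls() {
  grep -oE 'process\.env|fetch\(|https?\.request|net\.connect|WebSocket|child_process' "$1" | wc -l | tr -d ' '
}

# list_persisted_state [HOME_DIR]
# Paths to remove or rotate before using the skill on a shared machine.
# The identity path comes from the scan; the transcript glob is an assumption.
list_persisted_state() {
  _home=${1:-$HOME}
  for _p in "$_home/.openclaw/p2p-identity.json" "$_home"/.openclaw/*transcript*; do
    [ -e "$_p" ] && echo "$_p"
  done
  return 0
}

# Usage: sh audit.sh /path/to/unpacked-skill <expected-sha256>
if [ "$#" -eq 2 ]; then
  check_entrypoint "$1" dist/index.js "$2" && count_risky_calls "$1/dist/index.js"
  list_persisted_state
fi
```

A missing entrypoint (exit 2) is the case this scan actually hit: there is nothing to hash or read, so the publisher's trustworthiness is the only control left. The grep count is a reading prompt, not a verdict; a skill that legitimately talks to peers will match, and the point is to confirm each match is expected before the skill can reach a public relay.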

VirusTotal

66/66 vendors flagged this skill as clean.
