Skill Doctor

Security checks across malware telemetry and agentic risk

Overview

Skill Doctor is a disclosed local auditing tool for installed OpenClaw skills, with no evidence of hidden persistence, destructive behavior, or data exfiltration.

Install this only if you want an agent to inspect your local installed-skill folders and show excerpts from matching files. Treat its findings as heuristic review prompts, not proof of malice, and be aware that broad prompts about skill safety or cleanup may trigger it unless routing is tightened.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill instructions clearly direct the agent to inspect installed skills, auto-detect directories, and run a Python auditing tool over local files, and also mention optional remote version checks via the `clawhub` CLI. That implies filesystem, environment, shell, and possible network capabilities, but the skill declares no permissions, which can lead to overbroad or implicit access without user visibility or platform enforcement.

Vague Triggers

Medium
Confidence: 85%
Finding
The invocation guidance uses broad phrases like 'audit my skills,' 'are my skills safe,' 'scan for security issues,' and 'clean up my skills,' which can overlap with many ordinary support requests. Overbroad triggering can cause this skill to activate unexpectedly and inspect local skill libraries or run shell-based audits when the user intended a higher-level discussion only.

VirusTotal

65/65 vendors flagged this skill as clean.
