Skillstore

Security checks across malware telemetry and agentic risk

Overview

This is a real skill manager, but it can install third-party GitHub skills into the local OpenClaw skill directory with weak source review and confirmation controls.

Install only if you intentionally want a local OpenClaw skill manager. Before choosing a GitHub result, verify the repository owner and contents yourself, inspect its SKILL.md and code, and avoid using this for sensitive internal searches unless you are comfortable sending those queries to GitHub.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly advertises installing skills from GitHub but provides no warning, trust model, or verification guidance for downloading and adding third-party code. In this context, that omission increases the risk of users installing untrusted skills that may execute malicious actions, access local data, or persist in the OpenClaw environment.

Missing User Warnings

Medium
Confidence: 85%
Finding
Every search query is automatically sent to GitHub's API, which can disclose potentially sensitive user intent, internal project names, or operational topics to a third party without explicit consent at the time of use. In a skill-management context, users may search for proprietary or security-relevant capabilities, making silent network transmission more privacy-sensitive than a normal local search.

Ssd 1

Medium
Confidence: 95%
Finding
The guidance to execute user requests unless they cause 'actual harm' and to trust the user's judgment over the agent's own assumptions weakens safety decision-making and encourages unconditional compliance. In practice, this can pressure downstream skills or agents to skip risk checks, comply with unsafe or policy-violating requests, and perform sensitive actions without adequate scrutiny.

VirusTotal

64/64 vendors flagged this skill as clean.
