ClawHub
Back to skill

Security audit

QVerisAI

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it says: use a QVeris API key to search and execute external tools, with privacy caveats but no evidence of hidden local access or persistence.

Install only if you trust QVeris and the publisher with your tool searches and execution parameters. Use a scoped, revocable API key, monitor usage, and avoid sending secrets, personal data, health details, or account-sensitive finance/social data unless you have reviewed QVeris and any downstream tool policies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README says OpenClaw will automatically use this skill for queries like weather, stocks, and web search, but it does not clearly warn that doing so may send user prompts, parameters, or other context to the external QVeris service and downstream third-party APIs. In an agent setting, implicit network use can expose sensitive data and surprise users, especially because this skill is designed to dynamically discover and execute external tools across many domains.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill is configured with auto_invoke: true and a very broad description/examples spanning weather, news, finance, health, social media, geolocation, and content generation. This creates a real risk that ordinary user requests will automatically trigger external tool discovery and execution, causing unintended third-party network access and data disclosure to a dynamic tool ecosystem whose downstream tools are not tightly constrained in the skill definition.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.