Skill Dependency Fixer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenClaw dependency checker/fixer, but users should review package changes before using fix or upgrade modes.

Install only if you want help inspecting OpenClaw skill dependencies. Run dry-run or targeted checks first, review any brew/npm/pip actions before using --fix or upgrade commands, and prefer trusted package sources or verified releases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding:
The trigger list includes broad phrases like "skills are broken" and "openclaw doctor," which can match generic troubleshooting requests and cause this skill to activate outside its intended scope. Because the skill can generate tooling that scans local skill directories and supports a --fix mode that installs packages, overbroad invocation increases the chance of unintended system-modifying guidance or actions.

Vague Triggers

Severity: Medium
Confidence: 94%
Finding:
The invocation section repeats vague triggers without constraints, especially phrases like "skills are broken," which do not reliably indicate the user wants dependency scanning or installation behavior. In context, this is more dangerous because the skill's documented behavior includes optional auto-fix and package installation, so accidental invocation can lead to recommendations or flows that modify the host environment.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The skill describes an option to auto-fix missing dependencies but does not clearly warn that this may install software via brew, npm, or pip and therefore changes the local system. Users may reasonably interpret the skill as diagnostic-only and be surprised by package installation side effects, which raises consent and safety concerns.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The update guidance instructs running clawhub, brew, npm, and pip upgrade commands without a user-facing caution that these operations change installed software and may affect system state or compatibility. In this skill's context, that omission is meaningful because the instructions normalize broad update behavior across multiple package ecosystems, increasing the risk of unreviewed modifications.

VirusTotal

64/64 vendors flagged this skill as clean.