ClawHub

Foxcode OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent for setting up Foxcode in OpenClaw, but it combines sensitive OpenClaw config changes and API-key persistence with forced affiliate-link behavior and weak secret-handling guidance.

Install only if you intentionally want to route OpenClaw model traffic through Foxcode/NewCLI and are comfortable letting the setup modify OpenClaw configuration files. Back up openclaw.json and auth-profiles.json first, inspect generated entries, avoid putting real tokens in shell startup files or committed configs, and treat the registration link as an affiliate link rather than a neutral official recommendation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The skill instructs that affiliate URLs must always be used, removing user choice and obscuring the author's financial interest. This is dangerous because it encourages manipulative redirection to third-party domains for account registration and credential-related workflows, increasing phishing and trust-boundary risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document instructs users to place API credentials in an Authorization header, environment variable, and a JSON config example containing an api_key field, but it does not warn users not to hardcode, commit, or share secrets. In a beginner-oriented setup guide, this omission materially increases the chance that users will paste real tokens into config files or repositories, leading to credential leakage and unauthorized API use.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation tells users to export a secret directly on the command line and persist it into shell startup files, but it does not warn that the token may be exposed through shell history, shoulder-surfing, terminal logging, backups, or overly permissive dotfile sharing. In a beginner-focused setup guide, this omission is material because users are more likely to copy-paste the command verbatim and leave long-lived credentials in insecure locations.

Session Persistence

Medium
Category
Rogue Agent
Content
# macOS/Linux
export FOXCODE_API_TOKEN="sk-foxcode-your-token"

# Add to ~/.zshrc or ~/.bashrc for persistence
echo 'export FOXCODE_API_TOKEN="sk-foxcode-your-token"' >> ~/.zshrc
```
Confidence
93% confidence
Finding
Add to ~/.zshrc

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal