Security audit

shield-guard

Security checks across malware telemetry and agentic risk

Overview

This security-scan skill is mostly purpose-aligned, but it can inspect sensitive OpenClaw configuration and local skill files from broad trigger phrases and writes a report to a fixed workspace path without a clear opt-in step.

Review the trigger phrases before installing and use the skill only when you intentionally want an OpenClaw security audit. Expect it to inspect gateway, plugin, channel, skill, and credential-related locations, and treat any generated report as sensitive because it may reveal security posture or configuration weaknesses. Do not approve automatic fixes unless you understand the gateway configuration change and have a recovery plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence: 96%
Finding
The trigger list includes very generic phrases like “帮我检查安全”, “扫描风险”, “工信部”, and “安全扫描”, which are likely to appear in ordinary conversation unrelated to this specific skill. That can cause unintended activation of a skill that performs host inspection and writes files, expanding the chance of unprompted sensitive operations in a security-sensitive context.

Vague Triggers

Medium
Confidence: 91%
Finding
The activation condition uses open-ended wording like “等关键词时触发”, which makes the invocation boundary ambiguous and easier to match accidentally or through prompt manipulation. In this skill, accidental activation is more dangerous because subsequent steps include configuration inspection, directory scanning, and report generation on disk.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill instructs generating a report file at a fixed path under the user's workspace without an explicit warning, consent gate, or safer dry-run default. Writing into user-controlled storage can create unintended persistence, overwrite expectations, leak sensitive scan results into synced folders, or be triggered unexpectedly if the broad activation logic fires.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.