continuous-openclaw-config-guard

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its rollback-guard purpose, but it also sends status messages to a hard-coded Matrix room/account without clear disclosure or user configuration.

Review and edit guard.sh before installing. Remove or parameterize the Matrix message sends, set SESSION_FILE and the service file paths to your own environment, and only enable the systemd service if you want a persistent process that can restart the gateway and automatically roll back openclaw.json.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script automatically sends operational status about configuration changes, restart results, validation timing, and rollback events to a hardcoded external messaging target. Even if the payload seems minimal, it discloses sensitive system state and incident timing to another system without explicit consent, configurability, or local disclosure at the transmission point, which could leak infrastructure details or create an unintended exfiltration channel.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal