Windows Local Embedding

Security checks across malware telemetry and agentic risk

Overview

This is a Windows setup guide for OpenClaw local memory embeddings, with expected but nontrivial setup risks from npm installation and config edits.

Install only if you intend to configure local OpenClaw memory search on Windows. Before running npm install, verify the package and review any warnings instead of ignoring them; back up openclaw.json before editing; and confirm the downloaded model comes from the stated Hugging Face source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The guide tells users to run `npm install node-llama-cpp` inside the application directory, which downloads and executes package installation logic from the npm ecosystem without any warning about supply-chain, postinstall-script, or package-version integrity risks. In a security-sensitive setup guide, omitting those cautions can lead users to execute unpinned third-party code with the privileges of their local account, making this a real safety issue even if the author's likely intent is simply to enable functionality.

Missing User Warnings

Low
Confidence: 84%
Finding
The document instructs users to directly edit the live `openclaw.json` configuration under the user profile without warning to back up the file or note that malformed JSON or incorrect settings can break application behavior. This is a genuine but lower-severity issue because it increases the chance of denial of service or misconfiguration rather than introducing direct code execution.

VirusTotal

66/66 vendors flagged this skill as clean.
