OpenClaw Coding Agent Workflows

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent for delegating coding work, but it normalizes high-autonomy agent modes with reduced approval safeguards.

Install only if you intentionally want OpenClaw to orchestrate other coding agents for repository work. Use isolated worktrees or temp clones, review diffs before merging, avoid sensitive repositories or secrets when using delegated agents, and treat `--full-auto` and `--permission-mode bypassPermissions` as elevated modes that reduce normal approval safeguards.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly instructs users to launch Claude Code with `--permission-mode bypassPermissions`, which weakens or removes interactive safety checks for subprocess actions. In a skill whose purpose is to delegate coding tasks to autonomous agents, this increases the chance of unintended file changes, secret exposure, destructive commands, or unsafe network/git operations, especially because the documentation presents this mode as a normal execution pattern rather than a tightly controlled exception.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal