Security audit
Windows Execution Interface for OpenClaw
Security checks across malware telemetry and agentic risk
Overview
This skill transparently gives an agent remote control of a configured Windows host, which is powerful but clearly disclosed and aligned with its stated purpose.
Install only if you intentionally want OpenClaw agents to control a Windows machine. Keep the Clawdos service bound to trusted interfaces, protect and rotate the API key, run the server with least privilege, configure the filesystem sandbox carefully, and review shell commands, file deletion or moves, uploads or downloads, screenshots, and keyboard or mouse actions before allowing them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.