ClawHub
Back to skill

Security audit

OpenClaw Tmux Persistent Process

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed tmux usage guide for keeping user-chosen processes alive, with no hidden code or automatic execution, but users should be careful with persistent tunnels and long-running tasks.

Install this only if you need persistent tmux-backed processes. Before starting tunnels such as ngrok, cloudflared, or localhost.run, confirm the local service does not expose private data, admin panels, credentials, or unauthenticated write actions, and stop the tmux session when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill markets itself as recommended for broadly any long-lived process and even 'all OpenClaw users,' which encourages overly permissive invocation without considering whether persistent background execution is actually necessary or safe. In a skill that can keep servers, tunnels, and agents alive beyond normal session cleanup, broad activation language increases the chance of misuse, unintended exposure, and persistence of risky processes.

Vague Triggers

Low
Confidence
84% confidence
Finding
The heading 'Why every OpenClaw user should have this' is an unbounded activation cue that normalizes use of persistent tmux-backed execution as a default. While not directly executing unsafe behavior, this framing lowers operator caution and can lead users to apply the skill in contexts where persistent processes create unnecessary security or operational risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.