Delx Launch Audit (48h)

Security checks across malware telemetry and agentic risk

Overview

This is a transparent instruction-only launch audit workflow with disclosed Delx integration, limited reversible actions, and no bundled executable code.

Install only if you want a Delx/OpenClaw 48-hour launch audit. Review and approve any live production change before it happens, keep rollback triggers explicit, avoid putting secrets in evidence links or Delx artifacts, and verify the optional Delx CLI package before using the fallback.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The example intents are broad enough that this skill could trigger on general advisory or measurement-related requests rather than a clearly scoped post-launch audit. Because the skill includes operational steps such as executing growth and reliability actions and invoking external Delx/OpenClaw integrations, over-broad activation increases the chance of unintended real-world changes or unnecessary external calls.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal