Back to skill

Security audit

Persona Calibration

Security checks across malware telemetry and agentic risk

Overview

This is a transparent, instruction-only persona tuning skill that may edit persona files after review but does not include hidden code, credential use, or unsafe automation.

Install if you want guided persona calibration for OpenClaw. Review proposed changes before they are applied, especially anything written to SOUL.md, USER.md, or MEMORY.md, and avoid storing sensitive personal details in persistent memory unless you explicitly want them retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- warn on risk
- flag pseudo-problems
- do not overrule user decisions
- do not expand scope without consent

### 8. Anti-Patterns / Forbidden Behaviors
Questions answered:
Confidence
75% confidence
Finding
without consent

Scope Creep

Low
Category
Excessive Agency
Content
- warn on risk
- flag pseudo-problems
- do not overrule user decisions
- do not expand scope without consent

### 8. Anti-Patterns / Forbidden Behaviors
Questions answered:
Confidence
75% confidence
Finding
expand scope

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.