Back to skill

Security audit

multi-account-config

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill helps configure messaging accounts and handles sensitive tokens, but its behavior is disclosed and aligned with that purpose.

Install this only if you want an agent to help configure OpenClaw messaging accounts. Provide only the credentials needed for the specific accounts you are adding, ask the agent to redact tokens in all output, review the proposed configuration before patching it, and avoid open group policies unless that access is intentional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases are broad enough to activate on ambiguous requests like adding another account or work account, which can cause the skill to run in contexts the user did not clearly intend. Because this skill collects credentials and modifies gateway configuration, accidental invocation increases the chance of prompting for secrets or making configuration changes in the wrong flow.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly asks for bot tokens, pairing codes, and other credentials, then applies them to live configuration, but it does not require an explicit warning or consent flow about handling secrets and making persistent changes. In a system context, this can lead users to disclose sensitive tokens without understanding the risk, and accidental or unsafe handling of those secrets could enable account takeover or unauthorized messaging access.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.