OpenClaw Ops

Security checks across malware telemetry and agentic risk

Overview

This is a documented maintenance guide for a trusted rescue agent, but it gives that agent real control over OpenClaw files, secrets, services, updates, cleanup, and proxy settings.

Install this only for a rescue or operations agent you trust with OpenClaw configuration, session data, tokens, service control, package updates, and proxy settings. Review commands before approval, especially ones that copy `~/.openclaw/env`, create backups, run `npm update -g`, delete old transcripts, restart services, or reset Tailscale Serve. Protect backup directories because they may contain secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium (84% confidence)

The skill is framed as same-machine gateway maintenance, but it also instructs the agent to contact external services (`npm view`, `npm update -g`) and administer reverse-proxy infrastructure via Tailscale. That expands the trust boundary beyond local diagnostics and repair, creating supply-chain and network-exposure risk that is not clearly constrained by the stated purpose.

Context-Inappropriate Capability

Medium (88% confidence)

The Tailscale Serve section allows the skill to reset and reconfigure a reverse proxy, which can change how the gateway is exposed over the network. Even if intended for troubleshooting, this is a sensitive administrative action that can unintentionally publish services, break existing routing, or alter remote accessibility beyond local repair needs.

VirusTotal

39/39 vendors flagged this skill as clean.
