Waiting Tips

Security checks across malware telemetry and agentic risk

Overview

This skill displays local bilingual waiting tips and shows no hidden data access, exfiltration, or destructive behavior.

Install this if you want tips to appear while OpenClaw is responding. Expect additional tip messages in normal chats, choose zh-only or en-only if bilingual output is unwanted, and only run the platform bot examples with accounts you control while keeping bot tokens and WhatsApp auth files private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium, 84% confidence
Finding
The README states that tips appear automatically during normal chat flow and that OpenClaw can call the `waiting_tip` tool before processing requests. Because the activation scope is described broadly and without clear gating conditions, users and integrators may enable a behavior that fires in many conversations, creating unintended tool invocation, extra message noise, or surprise disclosure of plugin behavior across platforms.

Vague Triggers

Medium, 79% confidence
Finding
The manual examples use very generic phrases like '来个 tip' and 'show me 3 tips', which overlap with ordinary conversational language. In systems that map natural language loosely to tools, vague trigger phrasing can cause accidental invocation when a user is speaking casually rather than intentionally calling the skill.

Vague Triggers

High, 97% confidence
Finding
Triggering automatically before every AI response is overly broad and causes the skill to run during routine conversations without clear user consent or contextual bounds. This can create persistent unsolicited output, interfere with normal assistant behavior, and become a vehicle for spammy or policy-bypassing message injection across all conversations.

Vague Triggers

Medium, 94% confidence
Finding
Manual triggers like 'show me a tip' and 'give me a tip' are common conversational phrases that can easily collide with normal user requests, causing accidental activation. That broad matching increases the chance of unintended responses, user confusion, and prompt-routing mistakes, especially in multi-skill environments.

Natural-Language Policy Violations

Medium, 90% confidence
Finding
Emitting bilingual Chinese/English output on every wait event without explicit user language preference or opt-in can expose users to unwanted content and degrade usability across channels. While not directly a code-execution issue, it is a genuine security/quality concern because unsolicited cross-language output broadens data presentation and may violate user expectations or platform norms.

VirusTotal

64/64 vendors flagged this skill as clean.