ClawHub

OpenClaw Doctor (macOS)

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed macOS watchdog for OpenClaw Gateway, but it should only be installed by users who want persistent background monitoring, automatic service restarts, and sleep prevention.

Install only if you want a persistent macOS background watchdog that can keep the machine awake and automatically restart OpenClaw Gateway or Node services. Before loading the LaunchAgent, inspect the actual plist because the template was not included in the artifact, confirm it runs only the intended doctor.sh script on the intended schedule, and keep the launchctl bootout command available for disabling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This section instructs the user to install and bootstrap a LaunchAgent that runs every 5 minutes, creating persistence and enabling automatic repair behavior, but the description does not present this as an explicit risk or side effect. Users may unknowingly install a continuously running agent that modifies service state, restarts components, and survives across sessions.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill advertises sleep prevention using caffeinate but does not clearly warn that this alters normal macOS sleep behavior and can increase battery or power usage. On laptops especially, preventing sleep can have meaningful operational and privacy consequences because the machine stays awake longer than the user may expect.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal