Back to skill

Security audit

Session OpenClaw Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed bridge/validation helper for Session, n8n, and OpenClaw, but users should handle relay URLs and API keys carefully.

Install only if you intend to configure this Session/n8n/OpenClaw bridge. Use HTTPS relay and OpenClaw endpoints, replace placeholders with systems you control, keep API keys out of command history where possible, and review the n8n workflow before activating its polling loop.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly directs reading workflow files and using a relay-validation script to probe HTTP endpoints such as /health, /poll, /send, and attachment URLs, which indicates real network-capable behavior despite no declared permissions. Undeclared network access weakens security review and least-privilege controls, and in this context could enable unintended outbound requests, SSRF-style misuse against operator-supplied endpoints, or data exfiltration during troubleshooting.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script accepts an API key as a positional command-line argument and then sends it in HTTP headers to whatever base URL the operator provides. Command-line arguments are commonly exposed via shell history, process listings, CI logs, and audit tooling, so the secret can be disclosed locally even if the HTTP usage itself is expected; additionally, the script does not enforce HTTPS, so the key could be transmitted in cleartext if an http:// URL is used.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.