Server Guardian

Security checks across malware telemetry and agentic risk

Overview

Server Guardian is a coherent server-recovery skill, but it needs Review because it can restart services, require root-level actions, kill processes, and delete logs with limited safeguards.

Install only if you intentionally want an OpenClaw server operations skill and are comfortable reviewing each recovery command before execution. Prefer running health_check.sh first, avoid scheduling hourly full recovery until tested, and treat log deletion, root memory cleanup, process termination, and Gateway restarts as production-impacting actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill clearly instructs the agent to execute shell commands and recovery scripts, but it does not declare any permissions boundary for shell access. In an automated server-recovery context, undeclared shell capability increases the chance that a user or orchestrator invokes powerful system-level actions without adequate consent, sandboxing, or review.

Vague Triggers

Medium
Confidence: 89%
Finding: The trigger language is extremely broad, covering essentially any server abnormality, which can cause the skill to activate in situations outside its intended safe operating envelope. In combination with automated diagnostics and recovery, this broad scope raises the risk of unnecessary or harmful remediation on production systems.

Missing User Warnings

Medium
Confidence: 93%
Finding: The documentation explicitly recommends automatic recovery actions such as full recovery, memory cleanup, log cleanup, and gateway restart without a prominent warning that these actions are disruptive and modify system state. On a live server, such actions can terminate processes, remove data, or alter service availability, making accidental invocation operationally dangerous.

Missing User Warnings

Medium
Confidence: 92%
Finding: The full recovery flow calls log rotation and deletes .gz logs older than 30 days automatically, without any confirmation, dry-run, or explicit warning to the operator. In a recovery skill intended to run during incidents, this can destroy forensic or troubleshooting evidence and may interfere with retention requirements, making post-incident investigation harder.

VirusTotal

57/57 vendors flagged this skill as clean.
