Security audit

OpenClaw Admin

Security checks across malware telemetry and agentic risk

Overview

This is a text-only OpenClaw administration guide with broad but disclosed admin guidance; the main privacy caveat is optional cross-agent transcript search.

Install only if you intend to administer OpenClaw. Review the source before cloning, keep the gateway endpoint private, store tokens through environment variables or SecretRefs, and enable cross-agent session search only when everyone affected understands that one agent will be able to search another agent's transcripts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The document explicitly shows how one agent can search another agent's session transcripts by adding that agent's sessions directory as an extra collection, but it provides no warning that this breaks agent isolation and may expose private user conversations or sensitive data across roles. In a multi-agent system, readers may reasonably assume agents are isolated by default, so presenting cross-agent transcript access as a normal recipe without privacy caveats can lead to unintended data disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal