Back to skill

Security audit

Async Task

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed async task helper that stores local task state and pushes results back to OpenClaw/Clawdbot or to a user-configured endpoint.

Install only from a source you trust. Use ASYNC_TASK_PUSH_URL only with a trusted HTTPS endpoint because task results and session IDs will be sent there, and avoid putting secrets in task descriptions or result messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list includes very generic phrases such as "long running," "timeout," and "background task," which can match common user requests unrelated to this specific capability. Overly broad activation conditions increase the chance the agent invokes this skill in inappropriate contexts, causing unintended command execution paths or unnecessary result-pushing behavior.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly supports sending session identifiers and message content to a custom external push endpoint, but it does not require user notice, consent, or any data-minimization guidance. This creates a real risk of sensitive conversation content being exfiltrated to third-party infrastructure, especially because the endpoint is arbitrary and configured via environment variables.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
async-task.js:29