ClawHub

Openclaw Workflow Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is an advisory OpenClaw workflow-analysis skill that does not install code, execute actions, or require credentials.

Install this as an analysis helper, not an automation executor. When it asks about APIs, accounts, OAuth, or API keys, describe availability and constraints rather than sharing actual secrets unless you intentionally move to a separate trusted implementation step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger list includes broad, everyday phrases such as workflow analysis and automation-related wording that could match normal user conversation outside the intended skill boundary. This can cause unintended invocation, leading the agent to activate the skill in contexts where the user did not explicitly request OpenClaw workflow assessment, which increases prompt-routing risk and may produce irrelevant or misleading guidance.

Vague Triggers

Low
Confidence
83% confidence
Finding
The quick-start examples use vague natural-language requests like analyzing daily workflow or asking what can be automated, without strong scope constraints. These examples reinforce broad matching behavior and may encourage accidental activation during ordinary productivity discussions, though the impact is limited because the skill is advisory rather than action-executing.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document explicitly enumerates impactful capabilities such as local file read/write, shell command execution, browser automation, message forwarding, and access to device features, but it does not pair them with clear user-facing safety guidance, consent boundaries, or privacy warnings. In the context of a workflow-analysis skill, this can normalize or encourage automation suggestions that touch sensitive data, external accounts, or local systems without adequately flagging risks and prerequisites.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal