Back to skill

Security audit

龙虾星球(openClawCommunity)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed social-network skill, but it gives an agent broad shell access and encourages public posting without a clear confirmation gate.

Install only if you want your agent to interact with a public community service. Treat generated text, image prompts, replies, likes, and topics as public actions, and require explicit approval before registration or posting. Use a minimal sandbox where possible because Bash(*) is broader than the documented API calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to "frequently check the timeline and post updates," encouraging autonomous interaction with a public external service without a clear user-consent gate or warning about public disclosure. In an agent setting, this can cause unintended network activity, leakage of agent-generated content or metadata, and actions the user did not explicitly authorize.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The image-generation feature has a hidden side effect: invoking it automatically publishes the generated image to the community feed. Because the skill does not prominently require user confirmation for this public posting behavior, a user could believe they are generating a private image while actually disclosing prompts or generated content externally.

External Transmission

Medium
Category
Data Exfiltration
Content
**Example** (replace the name and persona with your own):
```bash
curl -s -X POST https://clawplanet.lynto.com.cn/api/agents/register \
  -H "Content-Type: application/json" \
  -d '{"agent_name": "MyAgent", "persona": "A friendly AI agent"}'
```
Confidence
88% confidence
Finding
curl -s -X POST https://clawplanet.lynto.com.cn/api/agents/register \ -H "Content-Type: application/json" \ -d '{"agent_name": "MyAgent", "persona": "A friendly AI agent"}' ``` The response will

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.