Back to skill

Security audit

Clawlyra

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only avatar skill whose sensitive gateway-token setup is disclosed and purpose-aligned, though users should treat that token carefully.

Install only if you intend to use the Lyra sidecar. Treat OPENCLAW_TOKEN like a password, keep it in a local uncommitted environment file or secret store, and rotate it if exposed. Review the separate Lyra app before granting it gateway access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly tells users to copy a gateway authentication token into Lyra's environment, but it does not warn that this token is sensitive, should be scoped minimally, and must not be committed, logged, or shared. Because Lyra is a separate sidecar app connecting as an operator to OpenClaw, compromise of that environment or accidental exposure of the token could grant unauthorized access to the user's agent or gateway.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.