AI Company Starter

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it creates persistent OpenClaw agent files with broad multi-agent authority, Telegram coordination, and a hard-coded owner value users should review before installing.

Install only after reviewing the generated files and replacing the hard-coded USER.md owner. Run it first in a test OpenClaw workspace, use a private Telegram group, avoid secrets and regulated customer or financial data, and define approval, logging, retention, and shutdown controls before granting real tool or account access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README explicitly promotes persistent memory storage and Telegram group integration, but it does not warn users that business data, prompts, conversations, and potentially sensitive personal information may be retained locally and shared with third-party platforms. In a multi-agent 'AI company' context, this omission is more dangerous because users may route HR, finance, sales, and operational data through the system, increasing the chance of privacy leakage, unauthorized retention, or accidental disclosure.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill encourages binding multiple AI agents to a shared Telegram group and using cross-agent messaging, including access to employee memories, customer data, and financial data, but provides no privacy, consent, retention, or least-privilege guidance. In practice this can lead to oversharing sensitive business or personal information across agents and external messaging platforms, especially in group contexts where data may be exposed to unintended participants or retained by third-party services.

VirusTotal

65/65 vendors flagged this skill as clean.
