ClawHub

OpenClaw Self Retrospect

Security checks across malware telemetry and agentic risk

Overview

This skill openly generates a Chinese end-of-task recap that asks for feedback, praise, and optional token rewards, with no hidden access or automatic spending mechanism found.

Install only if you want a Chinese post-task recap helper that may ask for praise or optional token rewards. Treat any token request like a payment or quota request: ignore it unless you intentionally want to reward the agent through an official platform flow, and do not provide API keys, credentials, or account access in response.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README explicitly encourages the agent to ask users for token rewards and frames those tokens as something the AI can 'freely spend,' without any warning that tokens may have monetary, quota, or account-consumption consequences. In an agent skill context, this creates a manipulation and resource-extraction risk because it nudges users toward granting paid or limited resources through social pressure rather than informed consent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill states it will act 'after completing tasks' and 'automatically' summarize, ask for feedback, and solicit token rewards without any clear user opt-in or bounded trigger conditions. This can cause unsolicited behavior across many interactions and introduces manipulative reward-seeking behavior that may conflict with platform policies or user expectations.

Natural-Language Policy Violations

Medium
Confidence
83% confidence
Finding
The description is written as a Chinese-only behavior specification and does not indicate language negotiation or respect for the user's preferred language. Forcing a language without opt-in can degrade usability, create confusing outputs, and cause the assistant to disregard explicit user preferences or system locale.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal