Graphhopper
Security checks across malware telemetry and agentic risk
Overview
The submitted materials appear to be coherent ClawHub/OpenClaw maintenance skills and project files with disclosed, purpose-aligned behavior and no evidence of hidden malicious activity.
Install only if you trust the publisher to provide ClawHub maintenance guidance. These skills can guide powerful local development and moderation workflows, so use them in a ClawHub repo with the correct account permissions and review exact commands before allowing writes.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.