ClawHub

OpenClaw Starter Kit

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw onboarding guide that creates persistent setup files and explains automation, with no executable installer or hidden behavior found.

Install this as a setup assistant, not as a passive reference file. Review generated SOUL.md, USER.md, MEMORY.md, and HEARTBEAT.md before relying on them, keep API keys and sensitive personal data out of memory/profile files, confirm any cron or heartbeat automation before enabling it, and review each recommended third-party skill separately before installing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The phrase "세팅 도와줘" is ambiguous and could match many unrelated requests about device setup, app configuration, or general troubleshooting. In this skill, accidental activation is more concerning because the workflow includes creating files, guiding API configuration, and suggesting security-relevant changes.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The phrase "세팅 도와줘" is ambiguous and could match many unrelated requests about device setup, app configuration, or general troubleshooting. In this skill, accidental activation is more concerning because the workflow includes creating files, guiding API configuration, and suggesting security-relevant changes.

Vague Triggers

Low
Confidence
89% confidence
Finding
The trigger list does not define boundaries for activation, so the skill may respond to loosely related phrases without confirming that the user wants OpenClaw onboarding. Because the skill performs a broad onboarding flow involving user profiling, workspace creation, and security/configuration steps, lack of scope controls increases the chance of unintended execution.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The guide encourages broad natural-language scheduling commands without documenting confirmation, scoping, or disambiguation requirements. In an onboarding skill, this can lead users to create unintended recurring tasks or trigger the cron capability from loosely phrased requests, increasing the chance of accidental automation and privilege misuse.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The management examples use ambiguous references like 'that cron job' without defining how the target job is selected. If multiple scheduled tasks exist, an agent may disable or delete the wrong automation, causing integrity and availability issues for user workflows.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The template describes a periodic agent behavior that reads and may act on HEARTBEAT.md every ~30 minutes, but it does not clearly constrain what tasks may run, what permissions are allowed, or what approval model applies. In an agent setting, ambiguous recurring execution can lead to unintended autonomous actions, privacy-invasive checks, or expansion from a passive status file into an active instruction channel.

Natural-Language Policy Violations

Low
Confidence
93% confidence
Finding
The template hard-codes `Timezone: Asia/Seoul`, which can cause the system or downstream prompts to assume a user locale without explicit consent or confirmation. While not directly exploitable in a severe way, it can lead to incorrect personalization, privacy-sensitive inference about location, or misconfigured time-based behavior during onboarding.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal