OpenClaw Audit Log Hook

Security checks across malware telemetry and agentic risk

Overview

This audit-log skill is not malicious, but it needs review because it can record sensitive tool inputs, outputs, session IDs, and user IDs without effective safeguards.

Install only if you intentionally want broad tool-call auditing. Treat the logs as sensitive data, restrict who can read them, define retention and cleanup, and update the hook to redact or avoid logging parameters, results, session identifiers, and user identifiers by default.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

High
Confidence: 98%
Finding
The skill claims sensitive fields are auto-redacted, but the actual hook examples log raw tool parameters and results directly via JSON.stringify(event.tool.params) and String(event.result) without invoking the redaction function. This can write secrets, tokens, passwords, command outputs, session identifiers, and other confidential data into audit logs, creating a durable secondary leak surface.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill is explicitly designed to record tool names, parameters, results, session keys, and user identifiers for auditing, debugging, and statistics, yet it provides no user-facing notice, consent model, retention guidance, or privacy boundary. In an agent environment, these fields can contain personal data and sensitive operational content, making silent collection materially risky even if intended for legitimate observability.

VirusTotal

61/61 vendors flagged this skill as clean.
