Security audit

Skill Quality Checker

Security checks across malware telemetry and agentic risk

Overview

This skill is a static OpenClaw skill quality checker with limited, disclosed local file writes for installation and report output.

Install only if you are comfortable with a local shell-based checker reading the skill directories you point it at and writing reports/configuration in its own directory. Review the generated reports as advisory static-analysis output, and consider narrowing triggers if accidental activation would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 84%
Finding:
The skill is described as review-only, but the documented behavior includes filesystem-modifying actions such as creating symlinks, writing reports automatically, and creating config files. This mismatch can mislead users and downstream agents into granting trust or running the skill in contexts where side effects are not expected, increasing the chance of unauthorized local changes.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The trigger phrase is broad enough to match ordinary user requests about evaluating or checking skills, which can cause the skill to activate unintentionally. This is primarily a safety and routing issue: accidental invocation may expose the skill’s guidance in contexts where the user did not explicitly intend to run it, reducing predictability and potentially interfering with normal agent behavior.

VirusTotal

64/64 vendors flagged this skill as clean.