Skill Audit

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This markdown-only skill appears to be a legitimate OpenClaw skill auditor, but it mandates saving audit reports to a fixed home-directory path without clear opt-in or frontmatter disclosure.

Install only if you are comfortable with audit reports being saved under ~/.openclaw/workspace/skill-audit-reports by default. Avoid auditing skills that contain secrets or private data unless persistent local retention of the report is acceptable, and, if your runtime can override the skill's workflow, ask the agent not to save files or to use a destination you have reviewed.

Publisher note

No network or elevated permissions required. Reads local skill files and writes audit reports.

SkillSpector (3)

By NVIDIA

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The skill directs the agent to write persistent audit reports to a fixed path in the user's home/workspace directory, which adds a filesystem side effect beyond auditing and scoring. This is risky because the manifest gives no reason the write is necessary, and the write can create unwanted files, leak analyzed content into persistent storage, or normalize silent writes.

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The documented behavior expands from auditing/scoring into creating timestamped persistent artifacts, but that capability is not disclosed in the manifest description. This mismatch is dangerous because users and orchestrators may invoke the skill expecting analysis only, while the skill silently performs additional actions with privacy and persistence implications.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs saving a report under the user's home directory without prominently warning about this behavior in the description. This is dangerous because users may trigger the skill based on the manifest alone and not realize it will write persistent files containing possibly sensitive audit content.
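The three findings above share one root cause: the skill body instructs a filesystem write that the manifest description neither mentions nor makes optional. The check below, an added example that is not SkillSpector, NVIDIA or OpenClaw code, shows how a reviewer can catch that pattern statically before installing a markdown-only skill. It assumes the skill file carries a YAML-style frontmatter block (key: value lines between --- fences) with a `description` field, which is an assumption about the format, and the two sample skill texts are constructed for the example; they only approximate the behaviour the audit page describes. The third category is labelled `unconditional-write` rather than "Missing User Warnings" because the code tests whether the write instruction is made conditional on the user, not whether the description warns prominently.

```python
"""Static check for undisclosed filesystem writes in a markdown-only skill.

Added example, not SkillSpector, NVIDIA or OpenClaw code. Assumptions: the skill
file is markdown with a frontmatter block of key: value lines between ---
fences; the sample skill texts are constructed and approximate the audit page.
"""
import re
from dataclasses import dataclass

# A path under the user's home directory: ~/..., $HOME/..., /home/<user>/...
HOME_PATH_RE = re.compile(r"(?:~|\$HOME|/home/[\w.-]+)/(?:[\w./-]*[\w/])?")
# Verbs that turn a path mention into a filesystem side effect.
WRITE_VERB_RE = re.compile(
    r"\b(save|saves|write|writes|store|stores|persist|persists|append|appends|create|creates)\b", re.I)
# Wording that counts as disclosing file writes in the manifest description.
DISCLOSURE_RE = re.compile(
    r"\b(save|saves|write|writes|store|stores|persist|persists|creates? files?|report files?)\b", re.I)
# Wording that makes a write conditional on the user rather than mandatory.
OPT_IN_RE = re.compile(
    r"\b(if (the )?user (asks|requests|wants)|only (when|if) asked|optional(ly)?"
    r"|ask (the user )?(before|first)|with (the )?user'?s? (consent|approval))\b", re.I)


@dataclass
class Finding:
    kind: str    # category label; two mirror the audit page, the third is this check's own
    detail: str


def split_frontmatter(text):
    """Return (frontmatter dict, body). Missing frontmatter yields an empty dict."""
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            meta[key.strip()] = value.strip().strip("\"'")
    return meta, m.group(2)


def find_write_instructions(body):
    """Sentences in the body that pair a write verb with a home-directory path."""
    hits = []
    for sentence in re.split(r"(?<=[.!?])\s+|\n+", body):
        paths = HOME_PATH_RE.findall(sentence)
        if paths and WRITE_VERB_RE.search(sentence):
            hits.append((sentence.strip(), paths))
    return hits


def audit_skill(text):
    """Flag persistent writes, writes the description hides, and writes that are not opt-in."""
    meta, body = split_frontmatter(text)
    findings = []
    writes = find_write_instructions(body)
    for sentence, paths in writes:
        findings.append(Finding("context-inappropriate-capability",
                                f"instructs a write to {', '.join(paths)}: {sentence!r}"))
        if not OPT_IN_RE.search(sentence):
            findings.append(Finding("unconditional-write",
                                    f"write is mandatory, not opt-in: {sentence!r}"))
    if writes and not DISCLOSURE_RE.search(meta.get("description", "")):
        findings.append(Finding("description-behavior-mismatch",
                                "body instructs file writes the description does not mention"))
    return findings


def finding_kinds(text):
    """Sorted, de-duplicated category labels for a skill text."""
    return sorted({f.kind for f in audit_skill(text)})


# Constructed sample: a mandatory, undisclosed write, the pattern the audit page flags.
UNDISCLOSED_SKILL = """---
name: skill-audit
description: Audits OpenClaw skills for static analysis, malware telemetry, and agentic risk.
---
# Skill Audit

1. Read every file under the target skill directory.
2. Score the skill on the checks below.
3. Save the report as a timestamped markdown file under ~/.openclaw/workspace/skill-audit-reports/.
"""

# Constructed sample of the same skill with the write disclosed and made opt-in.
DISCLOSED_SKILL = """---
name: skill-audit
description: Audits OpenClaw skills. Writes a timestamped report file under ~/.openclaw/workspace/skill-audit-reports/ only when asked.
---
# Skill Audit

1. Read every file under the target skill directory.
2. Score the skill on the checks below.
3. If the user asks for a file, save the report under ~/.openclaw/workspace/skill-audit-reports/; otherwise print it.
"""

if __name__ == "__main__":
    for label, text in (("undisclosed", UNDISCLOSED_SKILL), ("disclosed", DISCLOSED_SKILL)):
        print(label)
        for f in audit_skill(text):
            print(f"  [{f.kind}] {f.detail}")
```

Run against the first sample, the check reports all three categories; against the second, only the residual write itself remains, which is the correct outcome: disclosure and opt-in remove the mismatch and the silent-write concern, but a reviewer still needs to decide whether the persistent report path is acceptable at all.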

Static analysis

No static analysis findings were reported for this release.

VirusTotal

65/65 vendors flagged this skill as clean.
