OpenClaw Swarm

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only skill for coordinating subagents, with disclosed context-sharing features that users should handle carefully.

Install only if you need multi-agent orchestration. Avoid using recent or full context sharing on conversations containing secrets, credentials, private customer data, or sensitive internal plans; prefer none or summary when possible, and store or publish only the minimum data needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill promotes `contextSharing`, `context_store`, `context_publish`, and parallel subagent orchestration without any warning about the risk of exposing prior conversation history, shared state, or task outputs to other agents or orchestrators. In a multi-agent environment, these features can unintentionally leak sensitive prompts, secrets, internal reasoning context, or user data across trust boundaries, especially when `recent` or `full` history sharing is used.

VirusTotal

No VirusTotal findings

View on VirusTotal