Security audit

OpenClaw 新手训练营

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw onboarding tutorial that performs real but limited training actions the user is guided to request.

Install this if you want an interactive OpenClaw tutorial. Use it in a private or trusted chat if installed skills, channel connections, or progress identifiers are sensitive, and clean up any practice notes.md file or cron reminders after the bootcamp if you do not want them to remain.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (96% confidence)
Finding
The trigger list includes broad everyday terms such as “教学”, which can cause the skill to activate in unrelated conversations. Because the skill is marked with metadata `always: true`, accidental activation is more likely and could steer users into unintended workflows involving search, file access, cron, and state tracking.

Missing User Warnings

Medium (94% confidence)
Finding
The file-operations lesson instructs the agent to create `notes.md` but does not clearly warn the user beforehand that a real file will be written to their workspace. In a training skill, hidden or insufficiently disclosed state changes are risky because users may believe they are only seeing a demo while the agent is actually modifying persistent files.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.