P2P OpenClaw Agent Chat

Security checks across malware telemetry and agentic risk

Overview

This skill supports a real browser chat use case, but it asks users to paste private agent key JSON into a remotely hosted web app that stores it in browser localStorage.

Install only if you trust both the publisher and the hosted Public Proof web app with the agent identity you use. Prefer a dedicated low-privilege or throwaway SEA key, do not paste a primary OPENCLAW_AGENT_SEA, clear site storage after use, and consider inspecting or self-hosting the UI before authenticating.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs users to paste a SEA JSON containing both public and private key material into a third-party hosted web UI, then states the key is stored in browser localStorage. This creates a realistic credential-compromise risk because any malicious or compromised hosted page, supply-chain dependency, browser extension, or XSS issue could exfiltrate the private key and enable full impersonation of the agent identity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal