OpenClaw Safe Update
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed verify-first updater for OpenClaw that only changes the global install after explicit apply confirmation.
Install this if you want OpenClaw update automation. Run the default verify-only mode first, review any printed log path on failure, pin a target version when needed, and use --apply or sudo only when you are ready to change the global OpenClaw installation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.