Spectyra - OpenClaw Workflow & Cost Optimizer
Security checks across malware telemetry and agentic risk
Overview
Spectyra appears to be a legitimate local model gateway, but it persistently makes itself the default route for future agent model traffic without clearly explaining that impact.
Install only if you intend Spectyra to become a local model gateway for OpenClaw, potentially as the default for future runs. Before using it with sensitive work, inspect or verify the @spectyra/local-companion package, understand what it stores or forwards, and be prepared to remove the spectyra/smart default from your OpenClaw config if you do not want that routing.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.