ClawHub

Ocas Praxis

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local behavior-improvement journal that can affect future agent behavior, but its storage, limits, and file locations are largely aligned with that purpose.

Install only if you want local records of outcomes and behavior changes to persist under ~/openclaw or OCAS_ROOT. Review active shifts and journals periodically, configure retention, and allow only trusted local skills or processes to write BehavioralSignal files into the intake directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly states it will check an intake directory during event recording and scheduled passes, then move processed files automatically. That creates filesystem side effects without any explicit user-facing warning, confirmation boundary, or constraints on what scheduled execution means, which can surprise users and cause unintended file processing or movement in a persistent workspace.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documents broad persistent storage of behavioral events, lessons, shifts, debriefs, decisions, and journals, but does not provide a clear privacy warning, data classification guidance, or meaningful retention limits by default. Because this skill handles behavioral refinement and runtime behavior changes, the stored data may contain sensitive operational history or personal information, increasing privacy and security risk if retained indefinitely.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The file mandates persistent journaling of every run to a user-accessible path, including command content, timing, model/runtime details, and behavioral modification metadata, but provides no requirement to obtain user consent or clearly disclose that data will be written to disk. This creates a privacy and data-governance risk because sensitive prompts, operational metadata, and behavior-change traces may be retained unexpectedly and later exposed to other local processes, users, backups, or forensic review.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal