Openclaw Guru - Documentation and Support expert

Security checks across malware telemetry and agentic risk

Overview

This skill is a broad OpenClaw troubleshooting helper, but its diagnostic commands and config guidance match that purpose and do not show hidden exfiltration or destructive behavior.

Install only if you want an agent to help troubleshoot OpenClaw itself. Expect it to read OpenClaw diagnostics, logs, installed files, and config paths, and review any proposed config edit or gateway restart before allowing it, especially if logs may contain tokens or private channel details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill is scoped to handle essentially any OpenClaw-related issue, including troubleshooting, auth, permissions, remote access, tools, and integrations. This broad routing increases the chance the skill is invoked for sensitive or high-risk operational tasks, where its instructions to fetch live sources and inspect local configuration could expose secrets, enable unsafe guidance, or bypass more specialized safety review.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal