Skill Defender

Security checks across malware telemetry and agentic risk

Overview

This is a coherent offline security scanner; its scary strings are detection examples, not instructions to the agent.

Install only if you want a local Python-based scanner for OpenClaw skills. Treat its results as heuristic: review allowlisted skills manually for sensitive installs, and use the single-skill scanner or raw findings when you need maximum transparency.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 97%
Finding
This script is advertised as aggregating deterministic scanner output, but it suppresses findings through a hardcoded allowlist and recomputes verdicts after filtering. That creates a trust gap: a malicious or compromised skill can be hidden if its findings match an allowlisted skill/category combination, reducing the reliability of the security tool.

Vague Triggers

Medium
Confidence: 78%
Finding
The manual trigger phrase "security check" is broad and could cause the skill to activate on generic user requests that are not specifically about scanning installed skills. That can lead to unintended execution, user confusion, or accidental disclosure of local skill inventory/results, especially in environments where automatic tool routing is permissive.

VirusTotal

59/59 vendors flagged this skill as clean.
