Security audit

OpenClaw Workspace

Security checks across malware telemetry and agentic risk

Overview

This is a broad workspace-audit guidance skill with no executable install steps or hidden data movement, though it may be selected for many workspace-improvement requests.

Install this if you want a broad assistant behavior and workspace-audit skill. Review its suggestions before allowing edits to personal memory, user-profile, or bootstrap behavior files, and prefer a narrower skill for isolated tasks like only memory cleanup or only tone tuning.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill's activation criteria are intentionally broad and include generic requests like improving, analyzing, debugging, or understanding a workspace. In an agent-routing system, this can cause the skill to trigger on many adjacent requests, unnecessarily expanding its influence over behavior, memory, and workspace configuration and increasing the chance of unintended modifications or prompt-surface exposure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.