KimiClaw Bridge

Security checks across malware telemetry and agentic risk

Overview

This is a transparent setup guide for using Kimi as an OpenClaw/Claude Code backend, with expected API-key and external-provider risks but no hidden or executable behavior.

Install only if you intentionally want OpenClaw or Claude Code traffic routed to Kimi. Use a dedicated API key, avoid committing openclaw.json or exposing keys in shell history/logs, and prefer per-task configuration unless you want future agents to use Kimi by default.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger list includes broad terms such as 'free coding model' and 'kimi code' that can match generic user requests unrelated to this bridge. Overbroad activation can cause the skill to be invoked unexpectedly, increasing the chance that users are steered toward this external-provider integration when they did not explicitly request it.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs users to route prompts, chat content, and API credentials to a third-party service but does not provide an explicit privacy, retention, or data-sharing warning. In a coding-agent context, prompts may contain source code, secrets, or proprietary data, so omission of this warning materially increases the risk of unintended disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal