ClawHub

smart-restart-protection

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended to manage OpenClaw restarts, but it needs review because it can control the Gateway and touches local OpenClaw configuration, session, and workspace state more broadly than its short description makes clear.

Install only if you intentionally want a skill that can restart your local OpenClaw Gateway. Review the shell scripts first, treat the copied OpenClaw config backups as sensitive, and do not rely on the README’s force, no-backup, or rollback behavior unless you verify it in your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares shell-capable requirements (bash and an executable workflow) but does not declare explicit permissions, creating a mismatch between what the skill can do and what a reviewer or runtime policy may expect. In an agent environment, undeclared command execution increases the risk of unintended or ungoverned system actions, especially for restart-related operations that may affect service availability.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
The skill exposes a generic shell execution primitive via `runCommand(command, returnOutput)` using `execSync` and `spawn(..., { shell: true })`. In a restart-protection skill, this is unnecessarily powerful: if any caller-controlled input reaches this helper, it enables arbitrary command execution on the host and can fully compromise the environment.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal