Back to skill

Security audit

Clawdbot Documentation Expert

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Clawdbot documentation helper that fetches/searches official docs and stores a local cache, with no evidence of hidden data access or malicious behavior.

Before installing, understand that the helper scripts may access docs.clawd.bot and keep a local documentation cache in ~/.cache/clawddocs. Treat the included config snippets as templates: keep real tokens out of repos/shared files, and only run WhatsApp QR login with an account you intend to connect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The WhatsApp section instructs the user to run `clawdbot login` to scan a QR code, which links a real messaging account and can grant message access, but it does not clearly warn about the privacy and account-linking implications. In a configuration quick-reference, that omission can cause users to connect a personal account without understanding the scope of access.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The snippets show secrets such as `botToken` and `apiKey` inline in JSON examples without any guidance on secure secret handling. Even though the values are placeholders, users commonly copy patterns directly, which can lead to plaintext credential storage in repos, shared files, or logs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.