ClawHub
Back to skill

Security audit

Openclaw Self Heal

Security checks across malware telemetry and agentic risk

Overview

This OpenClaw repair skill is not malicious, but it gives an agent broad autonomous authority to restart services, approve pairing, and kill processes before asking the user.

Install only if you want an agent to take autonomous OpenClaw recovery actions. Consider requiring manual approval before gateway stop/restart, pkill, killing port owners, pairing approval, cache clearing, or config reload, especially on production systems or while active sessions are running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly authorizes autonomous diagnosis and remediation, including restarting and stopping/starting the gateway, without requiring operator confirmation for potentially disruptive actions. In an outage or misdiagnosis scenario, this can worsen availability issues, interrupt active sessions, and create unauthorized system changes before a human reviews the situation.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
---
name: openclaw-self-heal
description: Diagnose and self-resolve OpenClaw system breakage autonomously. Use when: the Control UI / webchat is broken or unreachable, a channel (Discord, Telegram) goes offline or stops responding, the gateway crashes or won't start, memory/plugins report errors, pairing fails, or any OpenClaw component appears broken. Also use proactively during heartbeats when `openclaw status` shows errors. Resolves issues without asking Jake unless the fix requires destructive action or manual intervention.
---

# openclaw-self-heal
Confidence
97% confidence
Finding
without asking

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal