Security audit

主动代理 Lite

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill that openly aims to make agents more proactive, with no scripts, credentials, installs, or hidden data access in the artifacts.

Install only if you want the agent to be more initiative-taking and memory-oriented. Monitor whether suggestions become too frequent, confirm your OpenClaw memory/privacy settings, and do not treat the privacy claims as a technical guarantee.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The README states that the agent will 'automatically begin exhibiting proactive behavior' with no additional configuration required, but does not define operational boundaries, trigger conditions, or limits on what proactive behavior entails. For a skill centered on memory, reverse prompting, and self-healing, this ambiguity can cause unsafe assumptions by users and integrators, increasing the chance of unintended actions, data handling, or workflow interference.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README lacks a prominent warning that automatic proactive behavior may affect user workflows, generate unsolicited outputs, or retain context/data across sessions. In the context of a skill advertising long-term memory and proactive suggestions, users may enable it without understanding privacy, autonomy, and operational side effects, which raises real security and trust risks.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill says it enhances any agent and will automatically begin exhibiting proactive characteristics, but it does not define clear activation boundaries or user-consent conditions. In an agent framework, broad always-on behavioral changes can cause the model to act outside user expectations, increasing the chance of unauthorized suggestions, actions, or persistence-related side effects.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises proactive, self-healing, continuous-learning, and memory behaviors but provides no user-facing warning about potential effects on user data, state, or downstream system actions. Those capabilities can alter agent behavior in ways users may not anticipate, especially if memory retention or automatic recovery routines interact with sensitive context or tools.

VirusTotal

47/47 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.