Workflow Orchestration

Security checks across malware telemetry and agentic risk

Overview

This workflow skill is coherent for ad-production automation, but it can automatically launch multi-step actions from events and arbitrary workflow definitions without clear scoping or confirmation.

Install only if you trust the surrounding OpenClaw event sources and the skills it can call. Review workflow definitions before use, avoid connecting it to production publishing or distribution accounts until approvals/allowlists are added, and monitor or disable automatic `demand.approved` workflow starts if unintended automation would be costly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill automatically starts a multi-step workflow in response to an external `demand.approved` event without any confirmation, trust check, or policy gate in this file. If an attacker or misconfigured component can emit or replay that event, they can trigger downstream actions across multiple skills, causing unauthorized processing, resource consumption, and business-side effects.

VirusTotal

64/64 vendors flagged this skill as clean.
