Default Model
Security checks across malware telemetry and agentic risk
Overview
This skill coherently lets authorized users change OpenClaw's persistent default model and does not show hidden or unrelated behavior.
Install this only where trusted operators are allowed to change the OpenClaw default model. The setting persists across restarts and affects new sessions, so confirm your OpenClaw auth and Telegram callback controls match who should have that authority.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.