Adaptive Routing

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local-first LLM routing helper, but users should notice the optional cloud escalation, local metrics file, and Ollama install command before using it.

Install if you want a local-first routing workflow and are comfortable with routing metrics being stored locally until reset. Review each cloud fallback before sending sensitive content to a third-party model, and prefer verified/package-manager installation steps over the optional curl-pipe-to-shell Ollama command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill clearly uses shell execution, network access, and persistent file writes, but the metadata declares no permissions beyond requiring python3. This creates a transparency and consent problem: operators may invoke the skill without realizing it can send prompts over the network or persist data under the user's home directory.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding: The description says to use the skill for broadly scoped cases such as 'any request where local-vs-cloud routing should be decided automatically,' which encourages automatic invocation on a wide range of user inputs. In a routing skill that may escalate prompts to cloud providers and persist telemetry, broad auto-invocation increases the chance of unexpected data handling without specific user awareness.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The workflow instructs users to re-run with a cloud provider when local validation fails, but it does not prominently warn that the original prompt and possibly sensitive content may then be transmitted to a third-party cloud service. Because the routing rules even prioritize local handling for sensitive data, silent fallback to cloud can defeat the privacy expectation that motivated local routing in the first place.

Session Persistence

Severity: Medium
Category: Rogue Agent
Content:
## Configuration

Create `~/.openclaw/adaptive-routing/config.json` to tune thresholds:

```json
{
  "complexity_threshold": 3,
  "token_high_watermark": 4000,
  "token_low_watermark": 500,
  "redact_output": true
}
```

Confidence: 81%
Finding: the `config.json` instruction and JSON block quoted in Content above.

External Script Fetching

Severity: High
Category: Supply Chain
Content:
```
brew install ollama

# Linux
curl -fsSL https://ollama.ai/install.sh | sh
```

**Start server**

Confidence: 99%
Finding: `curl -fsSL https://ollama.ai/install.sh | sh`

Chaining Abuse

Severity: High
Category: Tool Misuse
Content:
```
brew install ollama

# Linux
curl -fsSL https://ollama.ai/install.sh | sh
```

**Start server**

Confidence: 99%
Finding: `| sh`

VirusTotal

61/61 vendors flagged this skill as clean.