ClawHub

Offlyn Clipper

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Offlyn Clipper, but it needs Review because it can automatically access private notes/live meeting content and stores local pairing credentials.

Install only if you are comfortable giving OpenClaw access to Offlyn Clipper notes and live meeting recaps. Prefer invoking it with explicit Clipper-specific requests, review Clipper's per-tool sharing settings, and protect or remove the local credentials file if you no longer want OpenClaw paired.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
80% confidence
Finding
The invocation text uses broad phrases like 'meetings', 'catch me up', 'what did I miss', and 'search my notes', which can match ordinary conversation and trigger this skill in contexts the user did not intend. Because the skill accesses sensitive personal notes and live meeting recaps, accidental invocation increases the risk of unintended disclosure or tool use against private local data.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script persists a long-lived session token together with the Ed25519 private key to local storage, which creates a credential-at-rest risk if the host, user account, repo directory, or backup/sync destination is compromised. Because these secrets appear sufficient to authenticate to Clipper later, an attacker who reads the saved file may be able to impersonate the paired client and access note or meeting data without repeating user approval.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal