OpenClaw Safety Guard

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a normal Safety Guard CLI wrapper, but it needs review because its metadata is mislabeled and sensitive inputs may be sent to third-party services without a clear warning.

Review before installing. Verify that this is the intended Safety Guard package and that the Homebrew tap is trusted, because the embedded slug mismatch should be fixed. Use limited-scope API keys, avoid confidential files or private URLs unless third-party processing is acceptable, and disable optional Firecrawl or Apify fallbacks when they are not needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The metadata slug of "summarize" conflicts with the stated purpose of the skill, which is to safety-guard URLs or files. This mismatch can mislead users, reviewers, or automation about the skill's actual behavior, weakening trust and increasing the chance that a repackaged or mislabeled skill is installed or invoked under false assumptions.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly encourages scanning URLs, local files, and YouTube content with third-party AI models and optional fallback services, but it does not warn users that submitted content, metadata, or extracted data may be transmitted off-device to external providers. This creates a real privacy and data-handling risk, especially for sensitive local files or proprietary URLs, because users may unknowingly send confidential material to OpenAI, Anthropic, Google, xAI, Firecrawl, or Apify.

VirusTotal

VirusTotal findings are pending for this skill version.
