Alter Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw sub-session manager whose sensitive behavior is limited to user-directed session creation, deletion, and routing.

Install this if you want to manage OpenClaw sub-sessions. Before confirming deletion, verify the exact label or session key. When using route mode, remember that normal messages will go to the selected sub-session until you exit route mode or clear the state file.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 3

Medium

Confidence: 95% confidence
Finding: The silent routing design causes the main session to forward subsequent user messages to another session transparently, while suppressing any visible indication that forwarding is occurring. This creates a consent and data-flow transparency problem: users may disclose sensitive information believing they are speaking to the main session, when their content is actually being relayed to a different session with separate context and history.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal