ClawHub

Claude Code Switchboard

Security checks across malware telemetry and agentic risk

Overview

This is a narrowly scoped routing-management skill, but users should understand it can persistently change OpenClaw Telegram routing and restart the gateway.

Install this only if you want Claude Code to help manage OpenClaw Telegram routing. Before using model, fallback, or restore commands, check the current status, confirm the target provider, consider backing up ~/.openclaw/openclaw.json, and expect a brief gateway restart. Be especially careful enabling CLI-backed routing for Telegram chats you do not fully trust, because those messages may reach a local Claude Code backend with tool access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
84% confidence
Finding
The README documents commands that change `~/.openclaw/openclaw.json` but does not clearly warn users that invoking the skill will modify live routing configuration for their OpenClaw deployment. This can lead to unintended backend changes, altered model/tool access, or operational confusion, especially because the skill affects message routing for Telegram rather than a purely local throwaway setting.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to modify a user configuration file and restart a gateway service, but it does not require confirmation, warn about service interruption, or mention backing up existing state. In an agent setting, this can cause unintended local state changes, break message routing, or disrupt availability if triggered casually or by a mistaken command invocation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal