Yuzhua (驭爪) - Gesture-Controlled OpenClaw Chat

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local wrapper for installing and running Yuzhua, with normal setup risks around downloaded code, tokens, gateway traffic, and stopping a local port.

Install only if you trust the Yuzhua repository being cloned or updated. Review the generated .env before use, protect any tokens in it, confirm what your OpenClaw gateway sends to providers, and be careful with stop.sh because it may terminate any process using the configured port.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 80% confidence
Finding: The health-check and runtime description mention OpenClaw gateway connectivity, but the skill does not provide an explicit warning that startup and status checks may involve network communication or expose status information through the gateway path. This can mislead users into assuming the skill is purely local when it may transmit requests, tokens, or service metadata beyond the local process boundary.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal