Security audit

OpenClaw Launcher

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate OpenClaw launcher helper, but it handles a local auth token, hidden scripts, a long-running WSL process, and admin-level port proxy changes in ways users should review first.

Install only if you specifically want this Windows/WSL OpenClaw launcher. Review the generated .ps1 and .bat files before running them, understand that the launcher reads your OpenClaw token and places it in a local browser URL, approve any administrator portproxy change deliberately, and remove the shortcut/scripts or stop the WSL sleep process when you no longer need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill explicitly reads an authentication token from the user's WSL config and places it into a browser URL. Even if intended to open a local dashboard, this is credential handling that increases exposure through process arguments, browser history, logs, screenshots, and copied URLs; the launcher role does not clearly justify taking custody of the token this way.

Intent-Code Divergence

Medium
Confidence: 90%
Finding
The skill says setup can be done 'as user, no admin needed' while the generated script later performs netsh portproxy changes that require administrator rights. This mismatch can mislead users into running hidden or bypassed scripts with elevated privileges, reducing informed consent around a networking-affecting action.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs use of PowerShell with ExecutionPolicy Bypass and hidden window mode, which suppresses common trust and visibility signals for script execution. Combined with file generation and network configuration, this materially increases the chance that risky actions occur without the user's clear awareness or ability to inspect what is happening.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.