Verified Agent Identity

Security checks across malware telemetry and agentic risk

Overview

This identity skill is purpose-aligned, but it asks for sensitive key and identity-linking operations while the reviewed artifact does not include the scripts that would perform them.

Review before installing. Use a dedicated agent identity, do not pass an Ethereum wallet key that controls assets, set BILLIONS_NETWORK_MASTER_KMS_KEY before creating identities, protect $HOME/.openclaw/billions, and only run the referenced scripts if the installed package actually includes reviewable source and dependencies from a trusted source.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill instructs users to create and manage decentralized identities and explicitly states elsewhere that private keys may be stored in plaintext when `BILLIONS_NETWORK_MASTER_KMS_KEY` is not set, but the normal setup flow does not prominently warn about that risk before identity creation. This can lead to accidental generation and persistence of highly sensitive key material on disk without informed consent, increasing the chance of credential theft or identity compromise on shared or insufficiently secured systems.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal