Back to skill

Security audit

OpenClaw 安全加固 / Lock Your AI Agent in a Vault

Security checks across malware telemetry and agentic risk

Overview

This is a real server-hardening skill, but its one-click script makes persistent root-level firewall and SSH changes that can wipe existing rules or lock users out.

Install only if you are comfortable reviewing and running a root-level server-hardening script. Before running it, confirm key-based SSH works, keep an active recovery session, record existing UFW rules, add any required service ports, and treat the promotional links as unrelated advertising rather than security guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Low
Confidence
85% confidence
Finding
The skill is presented as a security-hardening guide, but it embeds unrelated affiliate links and contact promotion at the end. In a security context, mixing operational hardening advice with monetized links can erode trust, create social-engineering opportunities, and encourage operators to click external resources that are not necessary for the hardening task.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
echo "== 当前连接 IP: ${CUR_IP:-未知} =="

echo "== 防火墙默认全拒 + 放行 SSH 与当前 IP =="
sudo ufw --force reset >/dev/null 2>&1
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp comment 'SSH'
Confidence
83% confidence
Finding
--force reset

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.