Clawflow Free

Security checks across malware telemetry and agentic risk

Overview

ClawFlow is a coherent manual productivity skill, but it can read personal productivity context and save local daily summaries.

Install only if you are comfortable with the assistant using local OpenClaw profile files, workspace activity, chat context, and optional Todoist or calendar data. Review or delete files under ~/.openclaw/workspace/memory if they may contain sensitive information, and skip optional integrations you do not want exposed to the assistant.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly instructs saving a daily summary to a persistent file under the user's workspace, but it does not clearly warn the user that potentially sensitive content will be written to disk. Because the summary may include chat history, task data, and workspace activity, this creates a real privacy and data-retention risk if the user did not knowingly consent to storage.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill gathers today's chat history, workspace file metadata, Todoist data, and optionally calendar data, but does not provide a privacy warning or obtain informed consent before accessing these sources. This is dangerous because it broadens data access across local and third-party sources, potentially exposing sensitive personal or work information beyond what the user expected for a simple summary.

VirusTotal

63/63 vendors flagged this skill as clean.
