Security audit

OpenClaw Claude Code 百炼配置

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Claude Code usage guide, but it enables broad code changes, PR creation, external tool connections, and third-party API credential use without enough guardrails.

Review this before installing if you use Claude Code on sensitive repositories. Keep Claude in confirmation or plan mode for risky work, approve commits and PRs yourself, only add trusted MCP servers with least-privilege credentials, and avoid storing provider API keys in plaintext settings when a safer secret mechanism is available.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 89%

Finding
The skill encourages using Claude Code to create commits and PRs, but it does not clearly warn that these actions can alter repository history and may publish code or metadata to remote services. In an agentic/PTY-driven environment, this increases the chance of unintended source changes or remote publication initiated from natural-language prompts.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding
The MCP section describes connecting external servers over stdio, HTTP, and SSE and highlights integrations like filesystem, database, Slack, and GitHub, but omits strong warnings about data exposure, code execution, and side effects. In this skill's context, MCP can substantially expand the agent's reach beyond local code review into external systems, making misconfiguration or unsafe use materially dangerous.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding
The third-party provider configuration instructs users to place API credentials in a local settings file and send prompts/code to an external endpoint, but it lacks clear warnings about secret storage, endpoint trust, and outbound transmission of potentially sensitive source code. Because this skill is explicitly used for code development and review, users may unknowingly expose proprietary code, tokens, or regulated data to a third-party service.

VirusTotal

64/64 vendors flagged this skill as clean.