EvoAgentX Workflow

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent EvoAgentX helper, but users should treat it as a lightweight installer/scaffolder and be careful with generated file names and the unpinned Python package.

Install EvoAgentX in a virtual environment, pin or review the package version for important projects, and run create-workflow only from the intended project directory using a simple class-style name such as ResearchWorkflow. Review generated Python before running it, and do not rely on the skill itself to provide full production workflow optimization or OpenClaw integration beyond the external EvoAgentX package and examples.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 88%
Finding: The skill advertises and demonstrates capabilities that involve package installation, network access, and creation of workflow files, but it declares no explicit permissions. This creates a trust and policy gap: a user or platform may approve the skill expecting low privilege behavior while the documented usage enables external package retrieval and local file generation.

Tp4 (High)

Category: MCP Tool Poisoning
Confidence: 92%
Finding: The skill claims substantial OpenClaw integration and self-evolving workflow functionality, but the finding indicates those features are not actually implemented. This is dangerous because users may rely on nonexistent optimization, safety, or integration behavior and run the skill in production under false assumptions, which can lead to insecure deployment decisions and over-trust of generated code or workflows.

VirusTotal

64/64 vendors flagged this skill as clean.
