Back to skill

Security audit

SkillNote Doctor

Security checks across malware telemetry and agentic risk

Overview

This is a bounded read-only diagnostic skill for SkillNote/OpenClaw setup, with no evidence of hidden, destructive, or exfiltrating behavior.

Install only if you want SkillNote/OpenClaw setup diagnostics. Before running it, make sure the SkillNote config points to a host you trust; the skill will inspect local OpenClaw setup files and make limited health-check requests to that configured host. Narrower trigger phrases would reduce accidental activation, but the artifact does not show malicious behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list includes very generic phrases such as "debug", "broken", "not working", and "why isn't", which are likely to match normal user conversation unrelated to this diagnostic skill. This can cause the skill to activate unexpectedly and perform local file reads and network requests against a configured host, creating unnecessary exposure of environment details and increasing the chance of unsafe or privacy-impacting behavior in unrelated contexts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.