Connector

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed legacy connector that sends scoped OpenClaw status/event data to LaunchThatBot and stores a local retry queue, with no evidence of hidden or destructive behavior.

Install this only if you intentionally need the deprecated LaunchThatBot OpenClaw connector; prefer the replacement plugin for new setups. Verify the base URL, provide secrets through a secret manager or environment injection, avoid putting sensitive values in event metadata, and disable queue persistence if local event storage is not acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill documentation describes use of environment variables for secrets and outbound network access, but the skill declares no permissions. This creates a transparency and policy-enforcement gap: users or hosting platforms may grant or assume broader capabilities implicitly, increasing the chance of unintended secret exposure or unauthorized external communication.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The connector persists the full in-memory event queue to a predictable path under the user's home directory, which may include operational metadata, agent/task details, and other potentially sensitive activity records. Although file permissions are set restrictively, this still creates a privacy and data-retention risk because data is written to disk by default without any explicit disclosure, minimization, encryption, or consent mechanism in the code.

VirusTotal

66/66 vendors flagged this skill as clean.
