48h-Expert-Methodology

Security checks across malware telemetry and agentic risk

Overview

This instruction-only learning skill is coherent and disclosed, but it writes generated JSON to a fixed OpenClaw temp file that could overwrite prior output.

Install this if you want structured research notes for later OpenClaw workflows. Be aware it may retrieve sources, will produce schema-shaped JSON instead of normal prose, and may replace the existing expert_output.json file unless you move or clear it between runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs the agent to write data to a fixed path in the user's home directory without any user confirmation, opt-in, or safety guard. This creates an unauthorized filesystem side effect and can overwrite existing data, leave artifacts for later skills, or normalize silent persistence behavior across runs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal