Security audit

Workspace Temp

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill keeps temporary files in a per-session workspace temp folder and clearly discloses its local read/write needs and cleanup limits.

Install only if you are comfortable with the agent reading OpenClaw workspace configuration, using session information, and copying files you specify into a workspace temp folder. Avoid processing passwords, API keys, or other secrets unless you clean the temp directory afterward.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Session Persistence

Medium

Category: Rogue Agent
Content: This skill operates under strict safety constraints: - **No Code Execution:** Does not execute arbitrary code, shell commands, or external programs - **Isolated Write Scope:** All write operations restricted to `<workspace>/temp/<session_id>/` only - **Read-Only External Access:** External files are only read and copied, never modified in place - **Temporary Only:** Files are designed to be deleted; no permanent storage outside workspace
Confidence: 83% confidence
Finding: Write Scope:** All write operations restricted to `<workspace>/temp/<session_id>/` only - **Read-Only External Access:** External files are only read and copied, never modified in place - **Temporary

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.