Agent Evolution

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent local behavior tracker for agents, with expected persistent state but no evidence of hidden network access, credential use, or destructive actions.

Install this only if you want the agent to keep a persistent local record of behavior rules, identity state, and pattern alerts. Import rules only from AGENTS.md or SOUL.md files you trust, and periodically review or remove ~/.openclaw/workspace/.agent-evolution/state.json if the stored guidance becomes outdated or unwanted.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 82% confidence
Finding: The skill declares shell commands, uses a Node script, and references a persistent file under the user's home directory, which implies access to environment-derived paths and local state, but it does not declare any permissions. This creates hidden capability exposure: an agent may invoke filesystem or environment-dependent behavior without clear user consent or sandbox expectations.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The activation language is very broad: 'self-improvement', 'behavior tracking', 'role consistency', and 'repeat detection' can match many ordinary agent tasks. That increases the chance the skill is invoked in unrelated contexts, causing persistent behavior shaping or state updates when the user did not request them.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal