OpenClaw Guide

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation helper that searches official OpenClaw sources and does not show hidden, destructive, or credential-stealing behavior.

Install this if you want OpenClaw answers grounded in official docs and source code. Be aware that it may use web searches/fetches, and its optional helper script may use your local GitHub CLI if an agent or user chooses to run it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Behavioral ASTexec() Call, eval() Call, Dynamic Import
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration

Findings (8)

subprocess module call

Medium

Category: Dangerous Code Execution
Content: raise ValueError(f"Unknown search type: {search_type}") try: result = subprocess.run(cmd, capture_output=True, text=True, check=True) return {"success": True, "output": result.stdout, "error": None} except subprocess.CalledProcessError as e: return {"success": False, "output": None, "error": e.stderr}
Confidence: 70% confidence
Finding: result = subprocess.run(cmd, capture_output=True, text=True, check=True)

subprocess module call

Medium

Category: Dangerous Code Execution
Content: """ cmd = ["gh", "api", f"repos/openclaw/openclaw/contents/{file_path}"] try: result = subprocess.run(cmd, capture_output=True, text=True, check=True) data = json.loads(result.stdout) if "content" in data: import base64
Confidence: 70% confidence
Finding: result = subprocess.run(cmd, capture_output=True, text=True, check=True)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 70% confidence
Finding: Without declared permissions the skill's intent is opaque and cannot be validated.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger condition 'Any query related to OpenClaw that requires official documentation verification' is expansive and lacks clear boundaries or exclusion conditions. Because this is a markdown file, vague activation criteria apply here, and the wording does not specify what kinds of OpenClaw mentions should not invoke the skill.

Scope Creep

Low

Category: Excessive Agency
Content: ### 3. Information Synthesis and Presentation - Analyze gathered information from official sources - Present clear, concise, and actionable guidance - Avoid speculation or assumptions beyond documented facts - Acknowledge when information is not available in official sources ### 4. Response Quality Standards
Confidence: 70% confidence
Finding: beyond documented

Scope Creep

Low

Category: Excessive Agency
Content: ### Verification Checklist - [ ] Information sourced from official documentation or source code - [ ] Links provided to original sources for user verification - [ ] No speculation or assumptions beyond documented facts - [ ] Response addresses the specific user question completely - [ ] Technical accuracy verified against current implementation
Confidence: 70% confidence
Finding: beyond documented

Unvalidated Output Injection

High

Category: Output Handling
Content: raise ValueError(f"Unknown search type: {search_type}") try: result = subprocess.run(cmd, capture_output=True, text=True, check=True) return {"success": True, "output": result.stdout, "error": None} except subprocess.CalledProcessError as e: return {"success": False, "output": None, "error": e.stderr}
Confidence: 95% confidence
Finding: subprocess.run(cmd, capture_output

Unvalidated Output Injection

High

Category: Output Handling
Content: """ cmd = ["gh", "api", f"repos/openclaw/openclaw/contents/{file_path}"] try: result = subprocess.run(cmd, capture_output=True, text=True, check=True) data = json.loads(result.stdout) if "content" in data: import base64
Confidence: 95% confidence
Finding: subprocess.run(cmd, capture_output

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal