Gateway Power Tools

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw administration reference skill; it includes powerful operational commands, but I found no hidden execution, exfiltration, or purpose-mismatched behavior.

Install this only if you want your agent to help administer OpenClaw. Before applying commands from the cheat sheet, confirm the target environment, back up relevant config, and be especially careful with channel removal, agent deletion, cron changes, auth setup, gateway restarts, and memory indexing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (90% confidence)
Finding:
The skill description contains broad activation phrases such as general administrative requests ('set up OpenClaw,' 'fix the gateway,' 'audit security,' 'check OpenClaw status') that can cause the skill to trigger in a wide range of contexts. Because this skill is high-privilege and operational in nature, overbroad routing increases the chance that unrelated or ambiguously scoped requests invoke sensitive administrative guidance or actions.

Missing User Warnings

Medium (88% confidence)
Finding:
The cheat sheet documents a destructive command (`openclaw channels remove --channel telegram --delete`) without stating that it can permanently remove a channel/account and disrupt live message routing. In an operational admin skill like this one, concise copy-paste guidance is likely to be used directly, so lack of a deletion warning materially increases the risk of accidental service interruption or configuration loss.

Missing User Warnings

Medium (91% confidence)
Finding:
The documented `openclaw agents delete <agent-id>` command lacks any notice that deletion may be irreversible and can remove an agent from service, break bindings, or orphan operational workflows. Because this skill is specifically for administering OpenClaw installations, users may execute the command during troubleshooting, making accidental deletion more plausible and more harmful than in generic reference material.

VirusTotal

64/64 vendors flagged this skill as clean.
