OpenClaw Subagent Session Cleanup

Security checks across malware telemetry and agentic risk

Overview

This skill has a reasonable cleanup purpose, but it tells agents to run a missing cleanup script that can change session records and optionally delete conversation history.

Review this before installing. Only use it if you can obtain and inspect the referenced cleanup.ps1 script, confirm the exact sessions.json and .jsonl files it will touch, back up session data first, run a dry run before cleanup, and require explicit confirmation before deleting any history files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger text is broad and includes generic symptoms like 'gateway slow' and 'session too many', which can cause the skill to activate in situations where the user did not explicitly request session deletion or maintenance. Because this skill performs operational cleanup and includes an option to delete history files, unintended invocation could lead to disruptive or destructive actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal