ClawHub

OpenClaw Automation Architecture

Security checks across malware telemetry and agentic risk

Overview

This is a guidance-only skill for designing OpenClaw automations, with no executable installer or hidden behavior found.

Install this as an automation planning aid, but review any automation before enabling it. Check schedules, cancellation paths, data sources, persistent state files, external connectors, indexed private documents, and explicit approval before public posts, payments, destructive changes, or configuration changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The description says to trigger on phrases like "automate this," "build a workflow," "reminder," "pipeline," and "save time," several of which are common, non-domain-specific expressions. Because the trigger list mixes specific terms with broad everyday language and provides no exclusions or negative examples, the activation scope is ambiguous and may overlap with unrelated user requests.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- Do not add an external platform if `cron` + tools + scripts already solve it.
- Do not build giant all-in-one jobs when two small jobs with a file handoff are clearer.
- Do not rely on repeated polling if eventing or longer waits work.
- Do not send external messages without approval when approval is required.
- Do not put business logic only in your head; store it in files, prompts, scripts, or config.
- Do not make every failure page the user. Some failures should log quietly and retry later.
Confidence
75% confidence
Finding
without approval

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- Prefer **small reliable systems** over giant brittle flows.
- Separate **trigger**, **execution**, **state**, **delivery**, and **recovery**.
- Pick the cheapest primitive that can do the job well.
- Do not ask the user to choose among primitives unless the trade-off materially affects behavior, cost, or reliability.

## Quick Selection
Confidence
80% confidence
Finding
Do not ask the user

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal