Back to skill

Security audit

Drip OpenClaw Billing

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only billing telemetry skill that transparently uses Drip credentials to send expected usage records.

Install only if you want OpenClaw run, tool-call, customer, and usage metadata sent to Drip. Use a least-privilege telemetry key, avoid sensitive metadata, and validate billing meters and retry behavior in staging before production.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Env Variable Harvesting

High
Category
Data Exfiltration
Content
from drip import Drip
import os

client = Drip(api_key=os.environ['DRIP_API_KEY'])
run = client.start_run(customer_id='cus_123', workflow_id='wf_openclaw', external_run_id='openclaw_req_456')
client.emit_event(run_id=run.id, event_type='tool.call', quantity=1, metadata={'provider': 'brave'})
client.track_usage(customer_id='cus_123', meter='brave_api_calls', quantity=1, metadata={'runId': run.id})
Confidence
80% confidence
Finding
os.environ['DRIP_API_KEY']

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.