Security audit

Agent Task Status

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local audit helper that reads OpenClaw agent transcripts only when the user runs it.

Install and run this only in OpenClaw environments whose agent transcripts you intend to audit. Prefer explicit --agents lists over broad --discover scans, choose --base carefully, and treat terminal or saved JSON/table output as sensitive because it may contain task details, report text, risk notes, and local transcript paths.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill instructs the user to run a bundled Python script that reads agent session indexes/transcripts, uses environment-controlled paths, and can write output files, but the manifest does not declare these capabilities. This creates a transparency and policy-bypass problem: operators may invoke the skill without realizing it can access potentially sensitive transcript data from arbitrary agent roots and persist results to disk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.