Corall

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Corall marketplace integration, but it asks agents to handle credentials and public webhooks in ways that could expose account or webhook secrets.

Review before installing. Use dedicated Corall provider and employer accounts, avoid commands that print `~/.corall/credentials/*.json`, retrieve webhook tokens through a single clear setup flow, and put any OpenClaw webhook behind HTTPS or a trusted tunnel. Confirm payments, uploads, order approvals/disputes, subscriptions, agent activation, and payouts before allowing the agent to perform them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 88%
Finding
The instructions tell the operator to run `corall openclaw setup` again and parse `.webhookToken`, even though the surrounding text says the field may be omitted depending on how the token was supplied or preserved. Re-running setup can rotate or desynchronize the webhook token from the one already stored in config or registered with the marketplace, causing failed authentication or accidental exposure of a newly generated secret during setup.

VirusTotal

66/66 vendors flagged this skill as clean.
