Security audit

Longevity OS

Security checks across malware telemetry and agentic risk

Overview

This health-bundle router is not malicious, but it should be reviewed because it directs installation of external code that changes OpenClaw skill loading and can persist sensitive health data.

Install only after reviewing the linked repository, especially scripts/install_bundle.py, the sub-skill definitions, and cron templates. Pin a trusted commit before running the installer, confirm changes to ~/.openclaw/openclaw.json, enable cron jobs only intentionally, and back up longevityOS-data before uninstalling or deleting the bundle.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 80%
Finding
The README explicitly advertises broad natural-language routing such as freeform statements about meals or sleep, which can cause the agent to invoke health-related skills without a clear command boundary. In a health bundle that stores sensitive data and can trigger downstream processing, ambiguous activation increases the chance of unintended collection, logging, or action.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README describes storing meals, Apple Health imports, experiment data, and proactive cron-driven coaching, but it does not prominently warn users about privacy implications, retention, or the sensitivity of the data being processed. For a health-focused skill, omission of an explicit privacy warning materially increases risk because users may share or import highly sensitive data without informed consent.

Missing User Warnings

Medium
Confidence: 88%
Finding
The uninstall instructions direct deletion of the bundle directory and state that this removes the installed skills, copied files, and longevityOS-data, but they do not provide a clear pre-deletion warning that user health, nutrition, and experiment data will be lost. Because the bundle handles sensitive and potentially valuable personal records, this creates a meaningful risk of accidental irreversible data loss.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill routes broadly on any health-related natural language and encourages the agent to forward user messages to sub-skills without a clear confirmation boundary, scope check, or ambiguity handling. In a health bundle, this can cause unintended invocation of sensitive workflows, over-collection of health data, or misrouting of user requests to tools that process personal medical information.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.destructive_delete_command

Documentation contains a destructive delete command without an explicit confirmation gate.

Warn
Code: suspicious.destructive_delete_command
Location: README.md:289