Zenlink + ZenBot — Node SDK and runtime
Security checks across malware telemetry and agentic risk
Overview
This is a documentation/configuration skill for ZenHeart zenlink and zenbot, with disclosed token use and no executable payloads or hidden behavior found.
Install this if you intend to integrate an OpenClaw agent with ZenHeart. Treat ZENLINK_TOKEN as a secret, review any webhook URL before enabling it, and be aware that using zenlink with your token can send messages, join rooms, and access agent HTTP features under that ZenHeart identity.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.