ClawHub

Cost Guardian

Security checks across malware telemetry and agentic risk

Overview

This is a local cost-tracking skill that reads OpenClaw gateway logs only for token-cost summaries and does not show exfiltration, hidden execution, or privilege escalation.

Install if you are comfortable with a cost tool reading local OpenClaw gateway logs and keeping local cost summaries. Review the configured log directory and protect or periodically clean ~/.openclaw/workspace/costs/ if the model names, usage patterns, or subscription data would be sensitive in your environment; only add the suggested cron automation if you want recurring scans.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises a `scan-tokens` feature that reads gateway logs, but it does not warn users that those logs may contain sensitive operational metadata such as model usage patterns, request timing, identifiers, or other usage-related data. This omission can lead users to run the command without understanding the privacy implications or validating log contents and access controls first.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The scan-tokens feature reads local gateway logs from several common locations and persists derived usage data into a local database without an explicit consent prompt or clear warning that logs may contain sensitive metadata. In agent environments, gateway logs can include model names, request patterns, and sometimes adjacent sensitive operational details, so broad log scanning increases privacy and data-minimization risk even though the code only stores parsed token/model fields.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal