Bug Fixer

Security checks across malware telemetry and agentic risk

Overview

This bug-fixer is mostly purpose-aligned, but it can automatically send repair status through a Feishu helper without clear user-facing disclosure or consent.

Install only if you are comfortable with the skill writing repair logs under ~/.openclaw and with the possibility that repair summaries are sent through an existing Feishu helper. Review or disable the Feishu helper path before use, and run it first in a test workspace with non-sensitive error logs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The script automatically sends bug-fix reports to an external Feishu integration, which exceeds the stated purpose of local diagnosis and repair. Because the report includes error type, verification results, and file paths, it can disclose internal operational details to a third party without explicit approval, creating an avoidable data-exfiltration channel.

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description is broadly framed as applying whenever a user reports a bug, error, or unexpected behavior, which can cause it to activate for many ordinary support or debugging requests. Because the skill is explicitly autonomous and geared toward repair, over-broad triggering increases the chance of unintended code changes or repair actions being proposed or executed in contexts where the user expected analysis only.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The document advertises autonomous diagnosis and repair, including running a fix script, but does not clearly warn that the skill may modify code, files, or system state. In a bug-fixing context, this omission is dangerous because users may invoke it expecting analysis while the workflow proceeds to repair execution, creating risk of unintended destructive changes, configuration drift, or unsafe edits.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill sends repair details externally without any user-facing warning, consent, or confirmation flow. In the context of an autonomous bug fixer, logs and repair summaries may contain sensitive codebase details, internal paths, or incident information, so silent transmission materially increases confidentiality risk.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal