OAuth Providers

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OAuth settings skill, but it asks OpenClaw to reuse sensitive login credentials from other tools and persists them broadly enough to deserve manual review.

Review before installing. Use provider API keys unless you intentionally want OpenClaw to reuse Claude/OpenAI subscription credentials, avoid the Claude auto-detect flow unless you understand the account and policy implications, and verify/remove stored profiles and secrets in ~/.openclaw after setup. Static scan was clean and VirusTotal was pending, so the Review verdict is based on artifact-backed credential-handling scope, not malware telemetry.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Credential Access

High

Category: Privilege Escalation
Content: - User runs `claude setup-token` in terminal to generate a `sk-ant-oat01-...` token - Pastes token into UI - Validated by `validateAnthropicSetupToken()`, stored via `buildTokenProfileId()` + `upsertAuthProfile()` - **Auto-detect button**: Reads existing `accessToken` from `~/.claude/.credentials.json` (under `claudeAiOauth`) and stores it via `auth.login.anthropic-auto` RPC - **⚠️ Important**: Anthropic has blocked some subscription usage outside Claude Code. The docs warn: *"This credential is only authorized for use with Claude Code."* Setup-token support is "technical compatibility only" with policy risk. If you get a "not authorized" error, an API key is required. ### API Keys (all providers)
Confidence: 91% confidence
Finding: credentials.json

Credential Access

High

Category: Privilege Escalation
Content: |---|---| | `auth.login.status` | List all configured auth profiles | | `auth.login.anthropic-token` | Validate + store Anthropic setup-token | | `auth.login.anthropic-auto` | Auto-detect token from `~/.claude/.credentials.json` | | `auth.login.openai-codex` | Run PKCE OAuth (opens browser) | | `auth.login.openai-codex.submit-code` | Manual paste of redirect URL (WSL2 fallback) | | `auth.login.remove` | Remove a profile by `profileId` |
Confidence: 89% confidence
Finding: credentials.json

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal