Session History Enhanced

Security checks across malware telemetry and agentic risk

Overview

This skill is locally scoped and mostly purpose-aligned, but its delete flows can mislead users about whether chat transcripts are permanently deleted or archived.

Review before installing if your OpenClaw sessions contain private or important data. Fix the confirmation text and deleteTranscript flags so each delete action clearly matches what will happen to the transcript, and consider adding safer recovery or soft-delete behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The confirmation dialog tells the user the session entry will be deleted and the transcript archived, but the request actually sets deleteTranscript: true, which can permanently remove transcript data instead of preserving it. This is a security-relevant integrity and availability issue because users may authorize an action based on misleading UI text and unintentionally destroy audit/history data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal