OpenClaw Task Scheduler

Security checks across malware telemetry and agentic risk

Overview

This is a plausible task scheduler, but it asks for background execution authority and documents network task updates without enough safety boundaries.

Install only if you need a background task scheduler and can control how it runs. Keep any WebSocket service bound to localhost unless you add authentication and TLS, avoid broadcasting sensitive task results, pin dependencies, and do not rely on the advertised cron or WebSocket features until the implementation is fixed and tested.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation shows a WebSocket service publishing task IDs, descriptions, statuses, timestamps, and even result payloads, while configuration binds the service to 0.0.0.0 with no mention of authentication, authorization, encryption, or data minimization. In a task scheduler context, those updates can expose sensitive task metadata or results to unauthorized local or network clients, especially if operators copy the example configuration directly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal