OpenClaw Code Review

Security checks across malware telemetry and agentic risk

Overview

This is a local code review helper whose file reading, Git queries, and report generation fit its stated purpose.

Install this if you want a local Python-based code review utility. Run it only in repositories and paths you intend to inspect, choose any report output path deliberately, and treat reports from untrusted repositories with normal caution because repository-controlled filenames and source snippets may appear in terminal or Markdown output.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal