Security audit
OpenClaw Performance
Security checks across malware telemetry and agentic risk
Overview
This is a local Python performance-analysis skill that reads user-selected source files and shows no hidden network, credential, persistence, or destructive behavior.
Reasonable to install for local code-performance review. It reads source files or directories you point it at, so avoid broad scans of folders containing secrets. The profile and benchmark commands it prints may execute your project code if you choose to run them, so only do that for code you trust.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.