OCC for OpenClaw
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed audit-proof helper for OpenClaw, with its network notarization and install steps aligned to that purpose.
Install this only if you want OpenClaw action audit proofs. Review what metadata is sent to the default notary, use stub mode or self-hosting if audit metadata should stay local, and verify the npm package before running the global install.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.