ClawHub
Back to skill

Security audit

Lite Mode

Security checks across malware telemetry and agentic risk

Overview

This low-memory helper is disclosed and purpose-aligned, with no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install only if you want OpenClaw to trade capability and verbosity for lower memory use. Expect shorter responses, automatic memory checks before heavy work, possible skipping of browser/image tools when RAM is low, and context summarization in long sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
This is a mismatch because the description promises a broader low-RAM optimization behavior for OpenClaw, including trimming context and throttling skills, but the actual code merely performs a simple memory check and reports status. While memory checking is mentioned in the description, the primary purpose described is materially broader than what the code implements.

Vague Triggers

Medium
Confidence
91% confidence
Finding
This markdown file contains behavior instructions that appear globally active ('on every single turn, without exception') but does not clearly define the trigger conditions for when the skill is enabled beyond being 'running in lite mode.' That ambiguity can cause unintended invocation or persistent application of the skill outside a narrowly defined context.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- If freeMB is 300-600: Proceed in strict mode. No browser, no parallel tasks.
- If freeMB > 600: Proceed normally but still follow all context rules below.

Run this check automatically. Do not ask the user whether to run it.

---
Confidence
80% confidence
Finding
Do not ask the user

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal