ClawHub

OneDrive Integration

Security checks across malware telemetry and agentic risk

Overview

The skill is a legitimate OneDrive file-copy helper, but it ships with a real machine-specific OneDrive configuration that could send copied files to an unintended synced folder unless replaced.

Install only if you intend to copy files into OneDrive. Before use, replace config.env with your own confirmed OneDrive path, verify the destination printed by the script, and avoid copying secrets, credentials, browser profiles, SSH keys, regulated data, or private documents unless you intentionally want them in cloud-synced storage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill performs environment access and reads/writes local files, including creating a persistent config file, but does not declare those capabilities. This is a real security/transparency issue because operators and policy systems cannot accurately assess what the skill can do, and the skill handles potentially sensitive file paths destined for cloud-synced storage.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill is specifically designed to copy files into a cloud-synced OneDrive folder for sharing, but the description does not clearly warn that sensitive local documents may be duplicated into cloud storage. In a chat-sharing context, that omission materially increases the risk of accidental data exposure because users may treat this as a simple formatting convenience rather than an upload/share action.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script copies arbitrary user-specified local files into a OneDrive-synced directory, which can cause unintentional exfiltration of sensitive local data to cloud storage. In this skill's context, the entire purpose is sharing files externally, so the lack of explicit confirmation, file-type restrictions, or disclosure materially increases the risk of accidental exposure.

Session Persistence

Medium
Category
Rogue Agent
Content
- `ONEDRIVE_ROOT` (required) — e.g. `/mnt/c/Users/<windows_user>/OneDrive`
- `ONEDRIVE_SUBDIR` (optional) — default `openclaw`

If config is missing/unset, do **not** guess—ask Boss to confirm the correct OneDrive folder, then write `config.env`.

## Initialization / installation / onboarding
Confidence
78% confidence
Finding
write `config.env`. ## Initialization / installation / onboarding ### Preferred (chat-first) Because the primary interface is chat (Telegram), the preferred onboarding flow is: 1. Ask Boss to conf

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal