Openclaw Skill Checker
Security checks across malware telemetry and agentic risk
Overview
This is a markdown-only security checklist skill with one cautionary workflow that suggests installing target skills into a temp directory for review.
Safe to install as a checklist-style skill. When using it to review unknown skills, avoid running installer logic as the first step; prefer raw file review, archive inspection, or an isolated sandbox before any install command.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.