ClawHub
Back to skill

Security audit

OpenClaw Security

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local PII-audit skill that scans session content and stores masked audit records locally.

Install only if you want local PII auditing of session, prompt, context, or knowledge-base content. Before enabling background scans, decide which content sources are authorized, review the audit directory and retention settings, use --no-cache when complete scan coverage matters, and use --delete-after-read only for temporary scan files you intend to remove.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The activation condition 'background audit on session content' is ambiguous and does not define what content may be scanned, under whose authority, or when consent is required. That ambiguity can expand the skill's reach to entire sessions, prompts, or knowledge bases, increasing the risk of over-collection and local retention of sensitive information beyond user expectations. In this skill, that is particularly concerning because it explicitly instructs scanning multiple content sources asynchronously and logging outcomes.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The activation condition 'background audit on session content' is ambiguous and does not define what content may be scanned, under whose authority, or when consent is required. That ambiguity can expand the skill's reach to entire sessions, prompts, or knowledge bases, increasing the risk of over-collection and local retention of sensitive information beyond user expectations. In this skill, that is particularly concerning because it explicitly instructs scanning multiple content sources asynchronously and logging outcomes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal