Back to skill

Security audit

Muguozi1 Openclaw Find Skills

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate skill-discovery helper, but it encourages persistent global installation of third-party skills while skipping confirmation prompts.

Install only if you want an agent helper that searches for and helps install other skills. Review any suggested skill's source and publisher before installing it, avoid the '-y' confirmation skip, and prefer non-global installation unless you explicitly want a persistent user-level change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
80% confidence
Finding
The trigger guidance is broad enough to activate on many generic user requests, which can cause the agent to steer users toward package discovery and installation even when they only wanted advice. In this skill's context, over-triggering is more dangerous because the skill directly recommends commands that install third-party code from external sources.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The 'When to Use' section lacks clear boundaries and includes ambiguous conditions like asking 'can you do X,' which can capture routine assistance requests. Because this skill leads to external package search and possible installation, ambiguous activation increases the risk of unnecessary exposure to unvetted third-party skills.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill recommends `npx skills add <owner/repo@skill> -g -y`, which both modifies the user's environment globally and suppresses confirmation prompts. In a package-installation context, this is dangerous because it reduces user visibility and consent before installing code from external sources, increasing the chance of accidental or unsafe installs.

Natural-Language Policy Violations

Medium
Confidence
96% confidence
Finding
The metadata description is written in Chinese and effectively fixes the skill’s presentation to a specific language/locale without any indication of user preference or fallback. In a skill-discovery context, this can mislead routing, reduce transparency, and create a poor or exclusionary user experience for users expecting the system to adapt to their language settings.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.