Security Audit for OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This security-audit skill is a disclosed local logging and audit helper, with minor documentation caveats but no evidence of hidden installation, exfiltration, or unsafe automatic behavior.

Install only if you want a local record of risky agent actions. Avoid logging raw secrets, review audit logs before sharing them, enable notifications only to trusted channels, and run config audits without `--fix` first so you can review changes before applying them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The guide states the skill 'installs automatically when triggered' but does not define what counts as a trigger or what installation actions occur. In an agent setting, ambiguous activation conditions can cause unexpected execution or deployment of monitoring/persistence behavior without clear user intent, which is a security and consent problem.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal