Skill Guardian

Security checks across malware telemetry and agentic risk

Overview

This skill openly scans local OpenClaw skill files and maintains generated skill documentation, with no evidence of hidden code, credential access, exfiltration, or destructive behavior.

Install this only if you want automatic maintenance of Skill documentation. Expect it to scan OpenClaw skill directories, store hashes locally, create or update user-guide files, and modify the user-guides README when skills change; review those files if you maintain them by hand.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (92% confidence)
Finding:
The trigger conditions include broad natural-language phrases and automatic post-install hooks, which can cause the skill to activate in situations the user did not clearly intend. Because the skill performs scanning and follow-on maintenance actions, ambiguous invocation increases the risk of unintended file reads and state-changing operations across multiple workspaces.

Vague Triggers

Medium (90% confidence)
Finding:
The manual invocation rules remain ambiguous because example phrases are given, but there is no precise boundary for when the skill should or should not run. In a skill that recursively discovers workspaces and updates documentation, this ambiguity can lead to accidental execution and unintended modifications.

Missing User Warnings

Medium (96% confidence)
Finding:
This section explicitly authorizes automatic creation of user-guide files and overwrite of existing guides for changed skills, but does not require a clear warning or consent at the point of modification. Automatic overwrite of documentation can destroy user edits, introduce misleading content, or be abused by a malicious skill description to persist unwanted changes into trusted workspace files.

Missing User Warnings

Medium (95% confidence)
Finding:
The skill describes automatic modification of README.md, including appending, moving, and renumbering entries, without an explicit user warning or confirmation. README files are trusted navigation surfaces, so silent edits can misrepresent capabilities, overwrite manual curation, and create persistence for inaccurate or adversarial content derived from scanned skills.

VirusTotal

63/63 vendors flagged this skill as clean.