Multi Agent Blueprint

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only blueprint for configuring multi-agent OpenClaw teams, with sensitive integrations disclosed but requiring careful setup.

Install only if you are comfortable configuring agents that may route messages, retain memory, and centralize file or database access. Use separate workspaces, allowlist Telegram users and groups, keep bot/API tokens out of shared agent files, give File/Database Master agents least-privilege credentials, and avoid passing untrusted input into exec/curl commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding:
The FAQ explicitly advises that agents may call external APIs via `exec` using curl or scripts. In a skill whose stated purpose is multi-agent architecture and routing, this broadens capabilities into arbitrary shell execution and network access without guardrails, which can enable command execution, secret leakage, or unsafe outbound requests if copied into deployments.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding:
The session-management section instructs agents to persist data to `memory/*.md` files before compaction, but does not clearly warn users that this creates durable local state and may store sensitive decisions, dates, or action items. That can lead to unexpected retention of private or regulated data, especially in shared or long-lived environments.

VirusTotal

66/66 vendors flagged this skill as clean.
