Z.AI Coding Plan Setup

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed setup guide for routing OpenClaw coding work through Z.AI models and optional Z.AI MCP tools, with privacy and secret-handling caveats users should understand.

Install only if you intend OpenClaw coding requests to use Z.AI services. Use a dedicated API key, avoid pasting real bearer tokens into shell commands where they may enter history, protect ~/.openclaw/openclaw.json, and do not use the provider or MCP tools with secrets, proprietary code, regulated data, or customer information unless that third-party use is approved.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill explicitly instructs users to install MCP tools that transmit user queries, webpage contents, and GitHub repository data to third-party Z.AI endpoints, but it does not warn users about privacy, data handling, or the risk of exposing proprietary code and sensitive prompts. In a coding workflow, these tools are likely to be used on internal repositories and confidential debugging context, which makes the omission materially risky.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal