OpenClaw Session Cleanup

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw operations skill, but it includes real host-changing cleanup and automation commands that users should run deliberately.

Install only if you want an OpenClaw operations runbook for session cleanup and runtime stabilization. Prefer cloning or downloading and inspecting the scripts instead of piping remote content directly to bash. Avoid `openclaw sessions clear` on active production work unless you have confirmed the sessions can be terminated, and enable cron, watchdog, or swap changes only when persistent background cleanup, possible gateway restarts, and disk usage changes are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence: 94%
Finding
The README recommends a one-command installation flow that fetches a remote shell script and executes it immediately, without any warning to inspect or pin the content first. This creates a supply-chain and remote-code-execution risk if the GitHub account, repository, branch, or network path is compromised, and the operational context makes it more dangerous because users are encouraged to run it on the same host that manages OpenClaw services.

Missing User Warnings

Medium
Confidence: 95%
Finding
The README recommends executing a remotely fetched installer via `curl | bash` without any integrity verification, pinning, or review step. This creates a direct supply-chain execution path: if the GitHub account, repository, branch, or network path is compromised, users may run attacker-controlled shell code immediately on their host.

Missing User Warnings

Medium
Confidence: 82%
Finding
The README advertises cleanup and automation actions such as prune/clear, cron-based cleanup, watchdog installation, and runtime configuration changes without warning about service disruption, data loss, or system-level side effects. In an ops skill, users may follow these instructions on production systems, increasing the chance of destructive or availability-impacting changes without informed consent.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill presents `openclaw sessions clear` as an escalation step without explicitly warning that it will remove active/stored sessions and may disrupt running work. In an operational runbook, omission of a destructive-action warning can cause an operator or agent to execute irreversible cleanup too quickly during troubleshooting.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill recommends installing cron jobs, watchdog unit files, and rendering configuration via shell scripts without warning that these actions persistently modify the host's scheduler, service configuration, or runtime settings. This is dangerous because operators may treat the commands as diagnostic-only when they actually create long-lived system changes that can affect future behavior and stability.

Missing User Warnings

Medium
Confidence: 95%
Finding
The swap setup sequence creates and enables a new swapfile, changing system storage and memory behavior immediately and persistently, but the skill does not warn about disk consumption, privilege requirements, or possible performance/operational side effects. On small VPS hosts, blindly applying this can exhaust disk space or alter host behavior in ways the operator did not intend.

Missing User Warnings

Medium
Confidence: 94%
Finding
The document instructs operators to run `openclaw sessions clear` as an escalation step but does not explicitly warn that this is a destructive action that can terminate all active sessions and disrupt legitimate work. In an operational runbook, omission of impact warnings increases the chance of accidental misuse during troubleshooting, especially under incident pressure.

VirusTotal

62/62 vendors flagged this skill as clean.
