ClawHub
Back to skill

Security audit

Power User Pack

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed bundle wrapper for four named OpenClaw skills and contains no hidden code or unsafe behavior in the reviewed artifact.

Installing this bundle is reasonable if you intend to add all four listed skills. Review the included memory/session and Git automation skills individually before installing, because their permissions and data behavior are not visible in this bundle wrapper.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.