ClawHub

Moltbot Security

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only security hardening guide; its risky commands are disclosed and aligned with that purpose, but users should review them before running.

Install is reasonable if you want a security-hardening checklist for Moltbot/OpenClaw. Before following the commands, run audits without --fix first when possible, inspect remote installer scripts, confirm you have console or recovery access before firewall or SSH changes, and avoid running sudo commands on production or remote systems unless you understand the effect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This guide instructs users to enable a firewall and modify SSH daemon settings, including restarting sshd, which can disrupt remote access or lock users out if misconfigured. While the document explains the security purpose, it does not clearly warn users about the operational risk of losing connectivity or recommend verifying console access/backups before applying these changes.

Session Persistence

Medium
Category
Rogue Agent
Content
**Permission meanings:**
- `700` = Only owner can access folder
- `600` = Only owner can read/write file

Or let OpenClaw fix it:
Confidence
60% confidence
Finding
write file Or let OpenClaw fix it: ```bash openclaw security audit --fix ``` --- ## Step 4: Disable Network Broadcasting **What this does:** Stops OpenClaw from announcing itself via mDNS/Bonjour

External Script Fetching

High
Category
Supply Chain
Content
```bash
# Linux
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up

# Mac
Confidence
90% confidence
Finding
curl -fsSL https://tailscale.com/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
**Install UFW:**
```bash
sudo apt update && sudo apt install ufw -y
```

**Set defaults:**
Confidence
75% confidence
Finding
&& sudo

Chaining Abuse

High
Category
Tool Misuse
Content
**Ubuntu/Debian:**
```bash
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt-get install -y nodejs
```
Confidence
75% confidence
Finding
| sudo

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Linux
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up

# Mac
Confidence
70% confidence
Finding
| sh

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal