ClawHub

Apollo Coordinator

Security checks across malware telemetry and agentic risk

Overview

The skill is a coordinator helper with a local status-check script; it reads OpenClaw workflow metadata and writes a local status report, but shows no exfiltration, credential use, or destructive behavior.

Before installing, understand that running the included check script will inspect OpenClaw workspace coordination metadata and save a local coordinator state file. This is consistent with the skill's purpose, but users who keep sensitive information in task or workflow status files should review those files first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The documented skill only describes task coordination, but the finding indicates undisclosed behavior that inspects internal workflow state, scans other skills, reads task-status files, and writes coordinator state. That is a significant capability expansion beyond user-visible intent and violates least surprise; if present, it enables unauthorized workspace reconnaissance and persistence of internal metadata that could be abused for monitoring or lateral discovery.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal