Security audit

09 AI Programming

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only OpenClaw skill-creation guide, with one caution: its examples encourage broad, persistently remembered tool triggers.

Safe to install as documentation. Before following its examples, review any tool scripts yourself, use specific trigger phrases, avoid persistent auto-run rules for destructive or account-changing actions, and install Python packages only from trusted sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 79%
Finding: The document suggests broad natural-language triggers such as asking to query a stock, with no confirmation gates, parameter validation, or explicit tool-use constraints. In agent settings, vague trigger phrases can cause unintended tool invocation, especially if nearby context or retrieval causes the assistant to generalize and execute actions when the user only intended discussion or planning.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding: These additional examples reinforce unconstrained trigger-to-action mappings like '查询600519' ("query 600519") or '市场概况' ("market overview") without requiring explicit opt-in, confirmation, or sandboxing. That increases the risk of accidental or prompt-induced execution of external code paths, which is especially relevant in agent environments that can call local scripts or APIs.

VirusTotal

65/65 vendors flagged this skill as clean.