ClawHub

openclaw-eho

Security checks across malware telemetry and agentic risk

Overview

This skill coherently provides Korean apartment transaction lookups through a disclosed external API, with no evidence of hidden access, persistence, destructive behavior, or credential use.

Before installing, confirm you trust the @brokimyeah/openclaw-eho package and avoid entering secrets or private personal details. Queries such as region, apartment name, transaction type, and date range will be sent to the external service and may appear in local logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
80% confidence
Finding
The invocation guidance is broad and underspecified, telling the agent to 'just ask' and to force use of the installed plugin 'eho' without clearly defining safe parameters, expected schemas, or when the plugin should be used. This can cause unintended plugin invocation, misrouting of user requests, and increased prompt-surface for abuse or incorrect tool use, though the skill content itself does not contain directly malicious instructions.

Natural-Language Policy Violations

Medium
Confidence
72% confidence
Finding
The examples and guidance effectively assume Korean-language interaction ('서울시', '매매', '최근3개월') and instruct the user to use a specific phrasing, which can pressure the agent into a fixed-language workflow without user opt-in. While this is not a classic security flaw, it can reduce transparency, cause misuse of the skill for users in other languages, and increase the chance that the model follows rigid plugin-routing behavior instead of normal user intent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal