Security audit
Skill Vetter V2 0.0.6
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed local review workflow with an optional reminder hook and no evidence of hidden network, credential, destructive, or privilege-seeking behavior.
This appears safe to install as a review aid. Be aware that enabling the optional OpenClaw hook will add a startup reminder to agent bootstrap; only enable it if you want that persistent reminder. When using optional verification, follow the skill's own guidance and send only the final structured report, not secrets or private repositories.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
