Skill Fleet Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent security-audit helper that reads installed skill manifests, checks public ClawHub information, and may save a local audit report.

Install if you are comfortable with the skill reading your installed skill manifests, checking public ClawHub/search pages, and, in the full workflow, saving local reports that may include skill names, versions, authors, and risk notes. Review or delete old reports if that inventory is sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Low

Confidence: 94% confidence
Finding: The skill instructs the agent to persist a fleet health report under the workspace memory directory, which can store potentially sensitive metadata about installed skills, authors, versions, and security status. While this appears intended for auditability rather than abuse, it creates local data retention without explicit user consent, retention limits, or privacy warning.

Session Persistence

Medium

Category: Rogue Agent
Content: 9. If any 🚨 items are found, surface them immediately to the operator. Do not wait for the next scheduled check. 10. Write the report to `~/.openclaw/workspace/memory/fleet-monitor-{YYYY-MM-DD}.md` for audit trail purposes. ## Examples
Confidence: 93% confidence
Finding: Write the report to `~/.openclaw

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal