Workspace Review
Security checks across malware telemetry and agentic risk
Overview
This skill transparently audits an OpenClaw workspace for structure, memory hygiene, git status, and possible misplaced secrets without hidden execution or data exfiltration.
Install only for workspaces you are comfortable auditing locally. Its output can reveal private file names, git status, memory organization, and possible secret locations, so keep review reports private and avoid sharing them publicly.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.