Ling Shu Agent Designer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Chinese-language workflow for designing OpenClaw agents and creating their local configuration files, with no executable payload or hidden behavior found.

Install this if you want a Chinese-language Agent-design workflow. Before allowing creation steps, review the scenario outline, target workspace path, openclaw.json changes, and any new skill package under ~/.qclaw/skills; avoid uploading confidential enterprise materials unless you are authorized to share them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger phrases are broad enough to match ordinary requests such as asking how an industry might use agents or mentioning openclaw.json, which can cause the skill to activate when the user did not clearly request file creation or configuration changes. In this skill's context, that matters because its workflow progresses toward creating skills, workspace files, and binding configuration, so accidental activation can lead to unintended local modifications or premature execution-oriented guidance.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger table mixes advisory requests with operational requests, and phrases like '创建Agent' or '配置openclaw.json' rely on the agent to infer whether prerequisites are satisfied rather than using a hard safety boundary. Because this skill is designed to create a runnable agent and alter openclaw.json, ambiguity between discussion and execution increases the risk of unauthorized or surprising changes to the local workspace.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly defines a deliverable set that includes creating workspace files and configuring openclaw.json, but it does not warn users up front that local files may be created or modified. In a skill that positions itself as a designer but also performs setup actions, this omission can cause users to consent to planning help without understanding that configuration changes may follow.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill instructs users to upload enterprise introduction materials for analysis, but it does not include a privacy, confidentiality, or data-handling warning. Given that enterprise materials may contain internal strategy, customer, or operational data, the lack of notice and handling constraints increases the risk of oversharing sensitive information and inappropriate downstream use.

VirusTotal

63/63 vendors flagged this skill as clean.
