Advanced OpenClaw System Health Check & Repair

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw health-check skill, with the main caution that its cron option can set up recurring local checks.

Before installing, confirm the local openclaw CLI is the expected trusted binary. Treat audit output and logs as potentially sensitive, review any repair or hardening suggestions before applying them, and enable cron only if you want recurring checks that may continue after the session.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 92% confidence
Finding: The skill advertises a `cron` setup command that will modify the host's scheduled tasks, but it does not warn the user that this is a persistent system change. In an agent setting, omission of that warning can lead to unintended persistence or surprise background execution, especially if a user expects a read-only health check rather than configuration changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal