ClawHub

OpenClaw Route Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent local audit helper for OpenClaw cron notification routing, with disclosed local file access and no evidence of hidden self-modification or persistence.

Before installing or running it, confirm that the referenced OpenClaw cron config and cron_delivery_audit.py are files you are comfortable inspecting locally, and make sure openclaw-route-check on PATH is the trusted binary you expect. Avoid elevated privileges unless those /root/.openclaw files require them, and remember the helper temporarily writes audit JSON under /tmp.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Self-Modification

High
Category
Rogue Agent
Content
- keep the skill read-only by default
- avoid embedding secrets, tokens, webhook URLs, cookies, chat ids beyond public examples already present in the user’s config
- avoid curl-to-shell installers in the skill
- avoid auto-download or self-update behavior
- prefer pinned local paths and deterministic commands
- include the upstream repository link in SKILL.md
- list required local paths and prerequisites explicitly
Confidence
90% confidence
Finding
self-update

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal