openclaw-syncralis

Security checks across malware telemetry and agentic risk

Overview

This plugin does what it advertises, but users should understand it can read and publicly share workspace files when directed.

Install only if you want a gateway that can read files from its configured workspace, download remote files into that workspace, send search queries to Tavily or Brave, and create public Ngrok links for selected files. Review file previews before sharing links, keep the workspace narrow, and specify PDF page ranges for large or sensitive documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The tool documentation promises that large PDFs will only be read in small page chunks, but the implementation defaults to returning all pages when pageEnd is omitted. In an agent setting, callers may rely on the documented safeguard and unintentionally exfiltrate or overexpose large sensitive documents in a single response, increasing data leakage risk and context overflow.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal