SkillSentryOpenClaw's Always‑On Security Cop

Security checks across malware telemetry and agentic risk

Overview

The core audit script is local and mostly aligned with security scanning, but the recommended panel can show a clean result without performing a real scan.

Use the CLI audit script rather than trusting the panel’s clean result. Override WORKDIR/OUTDIR to the intended OpenClaw install, review JSON reports for sensitive snippets before sharing, and enable cron only if you deliberately want recurring local scans and know how to remove the schedule.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Low

Confidence: 79% confidence
Finding: The documentation instructs users to update config files and store reports locally, but it does not clearly warn that these actions will modify local state or create persistent artifacts. Even in a security tool, silent or underexplained file changes can surprise users, overwrite existing settings, or leave sensitive scan results on disk where other local users or processes may access them.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script collects local status output and recursively scans workspace and memory content, then emits all results as a JSON report without any consent gate, minimization, or redaction. These sources can contain sensitive operational details, secrets, internal prompts, file paths, and other local metadata that may be exposed to downstream consumers of the skill output.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal