Wake On Lan

Security checks across malware telemetry and agentic risk

Overview

This Wake-on-LAN skill performs disclosed local-network wake, ping, and device-list management actions that fit its stated purpose, with some privacy and accidental-trigger caveats.

Install only if you are comfortable letting the agent send Wake-on-LAN packets and ping traffic on your local network, and storing device names, MAC addresses, broadcast addresses, and optional IPs locally. Review or delete ~/.config/openclaw/wol-devices.json when you no longer need saved devices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Rogue AgentSelf-Modification, Session Persistence
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection

Findings (6)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill explicitly relies on shell-capable behavior (`brew install wakeonlan`, invoking `wakeonlan`, and likely `ping`) but does not declare any permissions for shell execution. That creates a trust and transparency gap: users and the host platform may not realize the skill can execute local commands and perform network-affecting actions. In this context the behavior is aligned with the skill’s purpose, so it is not inherently malicious, but undeclared command execution still increases risk.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 88% confidence
Finding: The description says the skill wakes devices by MAC address or saved name, but the documented behavior also includes persistent device storage, deletion, listing device identifiers, online-status probing via ping, and broadcast waking of all saved devices. This mismatch can cause users to authorize a simpler network utility while unknowingly granting a broader device-management and local-data persistence capability. The danger is primarily unexpected behavior and expanded attack surface rather than overtly malicious logic.

Description-Behavior Mismatch

Medium

Confidence: 85% confidence
Finding: The script maintains a persistent inventory of devices in ~/.config/openclaw/wol-devices.json and exposes operations to add, list, remove, query, and bulk-wake them. That goes beyond a minimal Wake-on-LAN helper and increases privacy and misuse risk because it stores network-relevant identifiers and enables repeated targeting of named hosts over time.

Context-Inappropriate Capability

Medium

Confidence: 92% confidence
Finding: The status command performs active network probing with ping against configured IPs, which is not necessary to send Wake-on-LAN packets. Even though it targets stored devices rather than arbitrary ranges, it still adds host discovery/reachability checking capability and can be used to monitor device presence, expanding the skill from waking devices into network reconnaissance.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger `wake` is extremely broad and likely to collide with ordinary conversational language, increasing the chance of accidental invocation. Because this skill can send network magic packets, modify persistent config, and potentially wake multiple devices, an unintended trigger could produce real side effects on the local network or local state. The context makes this more dangerous than a read-only skill.

Session Persistence

Medium

Category: Rogue Agent
Content: # Install wakeonlan tool brew install wakeonlan # The skill will automatically create config at: # ~/.config/openclaw/wol-devices.json ```
Confidence: 84% confidence
Finding: create config at: # ~/.config/openclaw/wol-devices.json ``` ## Commands ### Wake by MAC Address Wake any device on your network using its MAC address: ``` wake <MAC address> [broadcast IP] ``` Examp

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal