Free Models for OpenClaw and other Agents

Security checks across malware telemetry and agentic risk

Overview

This skill appears to fetch and filter OpenRouter model listings as described, with a minor unnecessary API-key requirement.

Reasonable to install for OpenRouter model discovery. Before running the CLI, note that it asks for an OpenRouter API key even though this version does not transmit or need it for the model-list request; use a limited key if you choose to set one and re-check future versions for credential-handling changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Severity: Low
Confidence: 96%
Finding: The header and main flow state that OPENROUTER_API_KEY is required, and the CLI exits if it is missing. However, the actual network call in fetchAllModels uses a plain fetch to the public models endpoint and never includes the API key in headers or query parameters. This is an intent/documentation mismatch rather than a security-sensitive behavior change.

Direct Prompt Extraction

Severity: High
Category: System Prompt Leakage
Content:
  const models = await fetchAllModels();
  // keep only models whose prompt price is zero or effectively zero
  return models.filter((m) => {
    const promptPrice = parseFloat(m.pricing.prompt);
    return promptPrice === 0 || promptPrice < 0.0001;
  });
}
Confidence: 85%
Finding: return prompt

VirusTotal

65/65 vendors flagged this skill as clean.
