Security audit

Reply Session Fix 43ytnoa Xzc0tc

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw repair runbook, but it asks agents to make persistent privileged changes and delete session transcripts without enough rollback or safety guidance.

Install only if you operate the affected OpenClaw gateway and are comfortable with root-level operational changes. Before following the steps, back up relevant OpenClaw config and session data, verify the exact session key, avoid agent:main:main, schedule service reloads or restarts appropriately, and document how to remove the watchdog, nginx injection, and gateway patch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill contains operational instructions to delete sessions, patch gateway code, reload nginx, and restart services, but it does not prominently warn about data loss, transcript deletion, downtime, rollback, or the need for backups/change control. In this context, `deleteTranscript:true` and direct modification of installed code can cause irreversible loss of session history or service disruption if an operator follows the steps on the wrong target or at the wrong time.

VirusTotal

VirusTotal findings are pending for this skill version.

Static analysis

No suspicious patterns detected.