Security audit
ClawDoctor
Security checks across malware telemetry and agentic risk
Overview
ClawDoctor is a disclosed OpenClaw monitoring and recovery tool, but users should understand it runs persistently, reads OpenClaw operational files, sends Telegram alerts, and can restart the gateway.
Install only if you are comfortable with a persistent npm-based daemon reading OpenClaw operational files, storing local event history, sending alert details through Telegram, and restarting the gateway when it appears down. Start with dry-run mode, use a dedicated Telegram bot token, and enable auto-fix only in environments where automatic gateway restarts are acceptable.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.