OpenClaw Teaching

Security checks across malware telemetry and agentic risk

Overview

The skill mostly matches its teaching and document-generation purpose, but it has under-disclosed local file mutation and an unsafe Python import path that should be reviewed before installation.

Install only if you are comfortable with local file creation and knowledge-base edits. Review or remove the external sys.path insertion in generate_docs.py, keep outputs in a controlled folder, and require explicit user approval before update, delete, or restore operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 88%
Finding
The documentation instructs users to generate documents and update the knowledge base, but it does not clearly warn that these operations write or modify local files. In an agent context, unclear disclosure of state-changing behavior can cause unintended overwrites, silent local modifications, or user surprise about persistent changes.

Missing User Warnings

Medium
Confidence: 93%
Finding
The delete_knowledge path permanently removes matched content after creating a backup, but it performs no explicit confirmation, dry-run preview, or safety interlock before destructive modification. In a CLI/tooling context, this makes accidental or unintended deletions much more likely, especially if invoked by another agent, script, or with an overly broad or mistaken title value.

VirusTotal

66/66 vendors flagged this skill as clean.
