ClawHub

Topic Monitor

Security checks across malware telemetry and agentic risk

Overview

Topic Monitor is coherent for scheduled topic tracking and alerts, but users should intentionally enable its cron jobs and review optional credentials, messaging, and memory features.

Before installing, decide whether you want continuous scheduled monitoring, which alert channels should receive messages, and whether memory-aware summaries should be allowed to reference past conversations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI10: Rogue Agents
Low
What this means

If enabled, the monitor can keep running on a schedule and produce alerts until the cron jobs are removed.

Why it was flagged

The skill can create cron jobs for ongoing scheduled monitoring; this is expected for its purpose and a removal path is documented.

Skill content
python3 scripts/setup_cron.py --auto

# Remove cron jobs
python3 scripts/setup_cron.py --remove
Recommendation

Only run the cron setup if you want continuous monitoring, and keep the documented remove command available.

#
ASI03: Identity and Privilege Abuse
Low
What this means

Providing these values lets the skill use your chosen search providers and alert destinations.

Why it was flagged

The skill may use optional channel identifiers and search-provider API keys; these are disclosed and aligned with alerting and search.

Skill content
`TOPIC_MONITOR_TELEGRAM_ID` | — | Telegram chat ID for alerts ... `SERPER_API_KEY` / `TAVILY_API_KEY` / `EXA_API_KEY` / `YOU_API_KEY` ... Optional search-provider vars forwarded via subprocess env allowlist
Recommendation

Use least-privilege API keys where possible and verify alert channel IDs before enabling them.

#
ASI06: Memory and Context Poisoning
Medium
What this means

Alerts or summaries may be influenced by, or reference, information from past conversations.

Why it was flagged

The skill advertises use of prior conversation context in alerts; this can be useful, but it involves sensitive personal context.

Skill content
- 🧩 **Memory Integration** - Contextual alerts referencing your past conversations
Recommendation

Review memory or learning settings before enabling contextual alerts, especially for external channels.

#
ASI07: Insecure Inter-Agent Communication
Low
What this means

Alert content may be passed from the monitoring script to the agent and then to Telegram or Discord.

Why it was flagged

Alert delivery is mediated through an OpenClaw agent/message tool boundary; this is disclosed and purpose-aligned.

Skill content
`monitor.py` now emits `DISCORD_ALERT` JSON lines and your OpenClaw agent delivers them via the message tool (same pattern as Telegram).
Recommendation

Confirm what alert content will be sent and to which channel before enabling external delivery.