技能编辑器
Security checks across malware telemetry and agentic risk
Overview
This is a transparent instruction-only skill for editing OpenClaw skill metadata, with no executable code or credential requirement.
Safe to install for skill editing. Review diffs carefully before relying on edited skills, especially trigger descriptions, version fields, package.json, and any newly declared environment variables.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.