Clawmart Upload

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned but should be reviewed because it can upload sensitive OpenClaw configuration, memory, user, and local skill contents to an external marketplace.

Review the file list carefully before uploading. Exclude USER, MEMORY, IDENTITY, TOOLS, and any local skills unless you intentionally want their full contents sent to ClawMart, and inspect local skill files manually because the built-in sensitive-data check does not cover them. Use a revocable token and revoke it if the local config file is exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrase "upload my pack" is broad enough to match user intents that may not specifically mean publishing an OpenClaw configuration to ClawMart. That increases the chance this skill activates unexpectedly and begins a workflow that scans workspace files and prepares data for remote upload.

Ssd 3

High
Confidence: 98%
Finding
The skill explicitly packages and uploads the full contents of configuration files and local skills to a third-party service, including highly sensitive files like USER.md and MEMORY data that can contain personal information, prompts, secrets, and behavioral context. Although it performs limited pattern checks, that does not reliably detect all sensitive data, so the workflow can cause substantial privacy and data-exfiltration risk even with user confirmation.

VirusTotal

65/65 vendors flagged this skill as clean.
