ClawHub

Peon Ping for Openclaw

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it advertises, but it should be reviewed because it can automatically install software and run an unpinned remote installer.

Install only if you want an agent to set up PeonPing and enable audible/notification alerts on your machine. Prefer the Homebrew path, and do not allow the curl-to-bash fallback unless you have reviewed or pinned the upstream installer and explicitly approve the install.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The fallback path downloads and immediately executes a remote shell script using `curl | bash`, which gives the upstream source arbitrary code execution on the user's machine. In a skill intended for simple alert-sound setup, this is broader than necessary and especially risky because it normalizes unaudited script execution without meaningful warning or verification.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description is broad enough to match generic requests about coding or agent workflow sounds, which can cause the skill to trigger in situations where the user did not explicitly ask for software installation or system configuration changes. That increases the chance of unexpected execution of package installation and configuration commands on the host.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill instructs the agent to immediately run installation and configuration commands, including a remote script fallback, without explicit warning, consent gating, or explanation of system changes. In agent environments, this can lead to silent package installation, persistence-affecting configuration, and arbitrary code execution from upstream sources.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal