User Authentication System

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent local authentication/RBAC guide, but it handles sensitive credential and account-control functions with ambiguous password and session-token handling that should be reviewed before production use.

Review before installing in any real accounting environment. Confirm the underlying openclaw auth implementation uses bcrypt, Argon2id, or scrypt for passwords; hashes incoming bearer tokens before lookup; never stores raw tokens; protects 2FA secrets; and requires explicit admin approval for all-client grants, role changes, password resets, deactivations, and session revocations.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The session creation logic documents that only a salted SHA-256 hash is stored, but validate_session accepts a session_id directly and looks it up without showing a hash step. If callers pass bearer tokens directly and lookup is done on raw values, token-handling semantics become inconsistent and can lead to failed validation, accidental raw-token storage, or insecure shortcuts elsewhere in the stack.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal