Diary Search
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed diary and session search plugin that needs access to private OpenClaw memory and session files, with no artifact evidence of hidden or malicious behavior.
Install only if you are comfortable giving this npm-installed OpenClaw plugin access to your diary files, historical session transcripts, cron run records, and an exports folder. Use the cleanup feature only after reviewing the dry-run output, because it can delete checkpoint backup files from session directories.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.