Security audit

Linux Desktop

Security checks across malware telemetry and agentic risk

Overview

This plugin is a disclosed Linux desktop integration that is gated by OpenClaw tool policy and per-action config, with no evidence of hidden exfiltration or destructive behavior.

Install only if you want an agent to have Linux desktop visibility/control. Keep app launch, window focus, media control, screen capture, and screen read disabled unless needed, and be aware that enabling screenRead.allowCapture lets a screen.read request trigger a consented live screenshot that is sent to the Gateway/model as an image result.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The screen.read path can trigger a new screen capture when artifactPath is omitted and then immediately base64-attach the resulting image to the tool output. Although the code enforces portal consent and requires config.screenRead.allowCapture=true, this path provides a read operation that can become a capture-and-exfiltration operation, which increases the risk of unintentionally exposing sensitive on-screen data to the calling agent/model.

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal