OpenClaw Memory Audit

Security checks across malware telemetry and agentic risk

Overview

This is a local, read-only secret-audit skill that scans files and gives scheduling guidance without modifying systems or sending data out.

Install only where local workspace scanning is acceptable. Run it against the paths that actually contain your memory logs, and treat schedule verification as a separate cron.list check rather than something the Python script performs automatically. Review findings carefully because regex secret scanners can produce false positives.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 88%
Finding: The skill claims to verify recurring audit schedules and inspect memory logs, but the documented workflow only invokes a secret-scanning script and provides manual guidance for cron inspection. This mismatch can create a false sense of security, leading users to believe memory logs and scheduling posture were validated when they may not have been checked at all.

VirusTotal

65/65 vendors flagged this skill as clean.
