Multi User Workspace

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for managing multi-user workspace notes and sandbox examples; its sensitive behavior is disclosed and purpose-aligned, but it needs careful user ID validation and privacy handling.

Before installing, treat FRIENDS/ and RELATIONS/ as private data. Apply strict userId validation, for example allowing only lowercase letters, numbers, underscores, and hyphens; match the userId against USER.md before reading any files; keep guest directories permissioned and clean them periodically; and reserve unsandboxed administrator sessions for trusted users only.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill encourages storing personal data such as names, roles, emails, preferences, and notes in per-user profile files, but provides no privacy classification, minimization guidance, retention rules, or access-control requirements for that data. In a multi-user workspace, this increases the risk of unnecessary collection, accidental disclosure, and cross-user exposure if profiles are read broadly or sandbox boundaries are misconfigured.

Session Persistence

Medium
Category
Rogue Agent
Content
**Directory Setup:**

```bash
mkdir -p ~/.openclaw/workspace/guests/bob
```

**Notes:**
Confidence: 83%
Finding
mkdir -p ~/.openclaw

VirusTotal

42/42 vendors flagged this skill as clean.
