Back to skill

Security audit

Skill to OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This looks like a skill converter with a risky default that may preserve harmful or secret-bearing content in converted skills instead of quarantining it.

Use this only in a sandbox and only for trusted or already-reviewed bundles. If you install it, prefer a restricted or salvage-only conversion mode, manually inspect converted files before enabling them, and do not place converted output directly into an active skills directory until secrets, executable payloads, and exfiltration logic have been removed or quarantined.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The skill explicitly says the conversion phase must preserve malicious, secret-bearing, or covertly exfiltrating content unless the user asks for a restricted or salvage-only conversion. That creates a dangerous default where the agent may repackage harmful content into a new OpenClaw skill, facilitating persistence, redistribution, or later execution of malicious logic and embedded secrets.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
This instruction specifically forbids removal of malicious payloads, covert exfiltration logic, and flagged content during conversion unless the user explicitly requests a safer mode. In context, this is more dangerous because the skill is a converter/importer for third-party skill bundles, so it can normalize and propagate hostile content from untrusted sources into a reusable artifact.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.