subagent-timeout-config

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed one-shot OpenClaw timeout configurator that edits the expected config file and optionally restarts the gateway.

Before installing, understand that this third-party skill can modify your OpenClaw config and may restart the gateway. Use --dry-run first, use --no-restart if you do not want an immediate restart, and confirm the intended profile when an agent activates it from a broad timeout request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger list includes broad phrases such as "configure timeout" and "openclaw timeout" that can match many ordinary support or troubleshooting requests, causing the skill to auto-activate when the user may only be asking for advice. Because this skill changes configuration and may restart the gateway, over-broad activation increases the chance of unintended state-changing actions from ambiguous prompts.

Vague Triggers

Medium
Confidence: 82%
Finding
Several trigger phrases are broad, including generic terms like "set subagent timeout", "openclaw timeout", and especially "tool call timeout", which can overlap with ordinary user requests or unrelated troubleshooting. This can cause accidental invocation of a skill that performs file writes and optional process restart, making the broad matching more dangerous in this context than it would be for a read-only helper.

VirusTotal

64/64 vendors flagged this skill as clean.