ClawHub

VPS Agent Migration

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform a real VPS migration task, but it handles live credentials and remote system changes in ways users should review carefully before installing.

Install only if you understand and control both machines. Prefer SSH keys with verified host fingerprints, avoid putting passwords or tokens directly in commands, back up local and remote configs first, validate all substituted values, rotate the Discord token after migration, and disable the local account only after the VPS agent is confirmed healthy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill explicitly instructs the operator to extract a Discord bot token from a local configuration file and reuse it on a remote VPS, then inject it into another config file. This exposes a long-lived secret during migration, encourages insecure secret handling, and provides no guidance on minimization, rotation, masking, or least-privilege controls; compromise of the VPS or shell history could lead to full bot/account takeover.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill uses password-based SSH with sshpass and disables StrictHostKeyChecking, which removes server identity verification and makes man-in-the-middle interception much easier. Embedding passwords in command lines also risks exposure through shell history, process listings, logs, and operator screenshots.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill modifies both remote and local OpenClaw configuration, adds bindings, restarts services, and disables the local account without any backup, validation, or rollback procedure. In this context, that can cause service disruption, misrouting, lockout, or accidental downtime, especially because the same workflow is also moving live credentials and changing account state across hosts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal