Security audit

Openclaw Ai Doctor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw troubleshooting guide with potentially disruptive manual repair commands, but no hidden execution or unrelated behavior was found.

Install only if you want an OpenClaw troubleshooting checklist. Treat every shell snippet as a manual repair command: verify paths first, run only the section matching your problem, expect restarts or killed sessions to interrupt work, and redact API keys, tokens, logs, config, policy, and memory contents before sharing output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill recommends operationally destructive actions such as killing sessions and deleting lock files without any warning about possible data loss, race conditions, or the need to verify the target path first. In a troubleshooting skill, users are likely to copy-paste commands directly, which increases the chance of accidental disruption or deletion if the environment differs from expectations.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs users to export a new API key and inspect or modify sensitive configuration and workspace permissions without warning about secret handling, shell history exposure, or least-privilege concerns. Troubleshooting content that touches credentials is especially risky because users may expose live secrets in logs, terminals, screenshots, or over-broaden filesystem access.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill recommends deleting the skills index and rebuilding it without explaining possible side effects such as temporary service disruption, loss of local state, or acting on the wrong file if the path is unexpected. Because this is framed as routine treatment, users may execute it without understanding recovery steps or verifying what will be removed.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.destructive_delete_command

Documentation contains a destructive delete command without an explicit confirmation gate.

Warn
Code: suspicious.destructive_delete_command
Location: SKILL.md:79