Agent Maker

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to create OpenClaw agents, but it writes persistent local agent files with weak path and overwrite safeguards.

Install only if you are comfortable with a skill that creates persistent local agent configurations in your home directory. Use simple kebab-case names, avoid custom workspace paths unless you have reviewed the exact path, check whether an agent already exists first, and review generated files before enabling or using the new agent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 92%
Finding
The skill is described as a conversational assistant for generating agent configs, but the observed behavior includes reading local agent state, validating files, and creating directories/files on disk. This mismatch is dangerous because users may invoke it expecting a guided chat flow while it performs broader filesystem operations on sensitive OpenClaw workspace paths.

Missing User Warnings

Medium
Confidence: 88%
Finding
The README describes generating agent configuration files and creating workspaces under user home directories, but it does not prominently warn that the skill will write files and directories on the local system. In a skill that scaffolds agents and workspaces, unclear disclosure can lead users to authorize filesystem changes without understanding scope, increasing the risk of unintended persistence or unsafe deployment of generated agents.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill writes new agent files under ~/.openclaw/workspace/agents, but this side effect is not prominently disclosed in the main description before use. Silent creation of executable/configuration artifacts can alter agent behavior, persistence, or trust boundaries in the local environment without sufficiently informed user consent.

VirusTotal

64/64 vendors flagged this skill as clean.
