Security Audit
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed OpenClaw security-audit helper, but it asks the agent to clone and run external scripts that can inspect sensitive local configuration.
Install only if you are comfortable letting the agent clone and run the referenced audit scripts. Run read-only checks first, review reports before sharing them, approve fix prompts only after understanding the change, and consider pinning or inspecting the GitHub repository because the executable audit code is external to the skill package.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.