Grill Gate

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it installs an OpenClaw runtime gate that can block selected agent tool calls until a local review token is present.

Install only if you want a plugin that can block agent exec or subagent-spawn actions. Review and narrow the trigger words, blocked commands, token directory, and token TTL before relying on it, and do not assume tokens are truly one-use unless the implementation is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 83%
Finding:
The trigger list includes very generic terms like 'design', 'plan', 'develop', and 'research', which are likely to appear in many ordinary prompts. That can cause overblocking or policy manipulation, where benign tasks are unnecessarily forced through the grill workflow, creating denial-of-service against normal agent operation and incentivizing users to adopt unsafe exemptions.

Session Persistence

Severity: Medium
Category: Rogue Agent
Content:
## Configuration

Create `~/.openclaw/grill-gate.json` (all fields optional):

```json
{
Confidence: 77%
Finding:
Create `~/.openclaw

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content:
"typescript": "^6.0.3"
  },
  "dependencies": {
    "openclaw": "^2026.5.22"
  }
}
Confidence: 84%
Finding:
"openclaw": "^2026.5.22"

VirusTotal

64/64 vendors flagged this skill as clean.
