Security audit

SecOpsAI for OpenClaw

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed SecOps helper that runs a local CLI to read and triage OpenClaw security findings, with notable but purpose-aligned write and automation capabilities.

Install only if you trust the external secopsai repository and its Python dependencies. Start with read-only commands, confirm exact finding IDs and dispositions before close/orchestrate/apply-action workflows, back up the SOC database before unattended automation, and treat audit-log summaries as sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 93%
Finding
The listed invocation phrases such as "show findings" and "list findings" are generic enough that ordinary conversation could unintentionally trigger command execution. In this skill, that risk is amplified because matched phrases lead directly to shell execution via the exec tool, even if the mapped actions are nominally read-only.

Vague Triggers

Medium
Confidence: 96%
Finding
The trigger phrases for the triage orchestrator (for example, "process open findings") are broad and map to a write-capable workflow that can auto-close findings. Although the document says to confirm before running, ambiguous matching still increases the chance that normal conversation is interpreted as authorization for a state-changing operation.

Vague Triggers

Low
Confidence: 84%
Finding
The IOC-related phrases like "refresh intel" and "check iocs" are generic and could be matched during ordinary discussion. These commands are less dangerous than the write-oriented triage actions, but they still cause shell execution and may initiate unintended local processing or data refresh operations.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.