ClawHub

Openclaw Skill

Security checks across malware telemetry and agentic risk

Overview

This HR skill is coherent and not malware-like, but it grants broad access to sensitive employee and payroll systems without enough safeguards described.

Review before installing in a real HR environment. Use a least-privilege or read-only HalaOS API key where possible, test with non-production data first, store local HR records only in approved secured systems, and require explicit human approval before payroll, approvals, attendance changes, government filings, or employee-impacting analytics are used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README instructs the skill to route queries to cloud APIs that access live employee, payroll, attendance, leave, compliance, and analytics data, but it does not clearly warn users that prompts and HR data may be transmitted to an external service. In an HR context, this is especially sensitive because the data includes personal, financial, attendance, and inferred-risk information such as burnout and flight-risk metrics, so users may unknowingly expose regulated or confidential employee data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This skill describes broad access to highly sensitive HR, payroll, attendance, health-adjacent, and performance data, plus state-changing cloud actions such as payroll runs, approvals, and form generation, but it does not specify strong user-consent, role/permission checks, confirmation gates, or privacy warnings before those operations. In an HR context, this is especially dangerous because the data includes employee PII and sensitive employment records, and misuse could cause both privacy harm and real account-impacting changes such as unauthorized approvals, payroll execution, or exposure of attrition and burnout analytics.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal