Security audit

Trent OpenClaw Security Assessment

Security checks across malware telemetry and agentic risk

Overview

This skill is a cloud-backed security audit helper that reads OpenClaw configuration and workspace skill code, redacts common secrets, and sends selected data to Trent, with user confirmation before skill uploads.

Install only if you are comfortable sending redacted OpenClaw configuration metadata and, after confirmation, packaged skill/source code to Trent. Review the Phase 2 preview carefully, keep secrets in environment variables rather than source files, and delete generated .skill archives if you do not want local packaged copies to remain.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 97%
Finding: The skill clearly invokes Python and shell snippets that read environment variables, scan local files, package workspace contents, and send data to external Trent services, yet it declares no permissions. This creates a trust and consent gap: users and platforms cannot accurately reason about the skill's capabilities, increasing the risk of unexpected data access and exfiltration during a security audit workflow.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding: The skill is described as a security assessment tool, but its documented behavior includes broad workspace scanning, source packaging, secret redaction, and remote upload of skill contents. That mismatch can mislead users into authorizing an audit without realizing code and metadata will be collected and transmitted externally, which is especially sensitive in a security-focused context where users may assume local-only analysis.

Missing User Warnings

Medium
Confidence: 92%
Finding: The markdown explains that deployment metadata and later skill source code may be sent to an external service, but it does not foreground the privacy and confidentiality implications before initiating the workflow. Because this skill operates on security-sensitive configuration and source code, delayed or understated disclosure can lead users to expose proprietary code, topology, or credential-derived metadata without fully informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.