ClawHub

Cls Openclaw Insights

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw monitoring skill that uses Tencent Cloud credentials to read logs and metrics, with notable operational caution but no artifact-backed malicious behavior.

Install only if you are comfortable allowing the agent to use Tencent Cloud credentials to read OpenClaw CLS logs and metrics. Use least-privilege temporary credentials, review the region, topic, time range, and query before running, avoid exposing raw session or audit logs unnecessarily, and install with current patched or locked dependency versions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The documentation instructs the agent to install tccli and run an interactive cloud authentication flow that opens a browser and writes temporary credentials locally. That materially expands the skill from passive log analysis into software installation and credential acquisition, which can expose cloud access, alter the environment, and exceed the principle of least privilege.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger conditions include a broad catch-all for essentially any request involving OpenClaw monitoring analysis, which can cause the skill to activate unexpectedly. In this skill's context, accidental activation is more dangerous because the workflow includes credential checks, cloud API usage, and even instructions for interactive authentication.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The document instructs users to authenticate to the Prometheus-compatible API with Tencent Cloud secret credentials via Basic Auth, but it provides no warning about the sensitivity of those values or safe handling practices. In an agent-skill context, this increases the chance that operators paste long-lived credentials into commands, logs, scripts, or chat context, which can lead to credential disclosure and broader cloud access if those secrets are exposed.

Unpinned Dependencies

Low
Category
Supply Chain
Content
tencentcloud-sdk-python>=3.0.0
requests>=2.20.0
Confidence
93% confidence
Finding
tencentcloud-sdk-python>=3.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
tencentcloud-sdk-python>=3.0.0
requests>=2.20.0
Confidence
98% confidence
Finding
requests>=2.20.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
99% confidence
Finding
requests

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal