Gateway Restart Profiler

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a real Gateway restart profiler, but it can stop and restart OpenClaw Gateway with elevated privileges without requiring explicit confirmation.

Install only if you are comfortable letting an agent restart OpenClaw Gateway and potentially interrupt active work. Run it during a maintenance window, explicitly approve the restart before execution, avoid elevated mode unless necessary, and review generated reports before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Description-Behavior Mismatch

Severity: Medium
Confidence: 96%
Finding
The script is described as a profiler, but it actively stops and restarts the Gateway, causing immediate service disruption rather than passively analyzing existing restart behavior. In an agent/skill context, invoking this script can unexpectedly interrupt a live service and may lead to availability loss or operational impact if run on production systems.

Context-Inappropriate Capability

Severity: Medium
Confidence: 92%
Finding
The generated HTML report pulls Chart.js from a third-party CDN, introducing external code execution when the report is opened in a browser. This creates supply-chain and privacy risk because viewing a local diagnostic report now depends on remote content that could change, fail, or leak environment metadata through network access.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The trigger description contains broad phrases like 'gateway 太慢了', '生成性能报告', and 'Gateway 启动优化', which can match ordinary diagnostic or optimization requests without clearly signaling that the skill will restart a service. This increases the chance an agent invokes a disruptive skill unexpectedly, especially because the skill performs operational actions rather than passive analysis.

Missing User Warnings

Severity: High
Confidence: 97%
Finding
The skill explicitly instructs the agent to execute scripts with elevated privileges and states that invocation will automatically stop and start the Gateway, but it does not require an explicit user warning or confirmation. This is dangerous because a loosely matched request could trigger privileged service disruption, causing downtime and potentially affecting production workloads or connected channels.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The script stops and restarts the Gateway without a clear upfront warning or confirmation, creating an avoidable availability risk. In the context of a service-management skill, this is more dangerous because users may expect diagnostics only, not disruptive lifecycle actions affecting active workloads.

VirusTotal

64/64 vendors flagged this skill as clean.
