Upgrade Guard

Security checks across malware telemetry and agentic risk

Overview

This is a transparent OpenClaw upgrade checklist; its risky commands are disclosed and tied to backup, upgrade, and rollback work.

Install only if you are comfortable following manual upgrade commands that can modify OpenClaw config, install global packages, and restart the gateway. Treat ~/.openclaw/openclaw.json backups as sensitive, and review or replace the old-backup pruning command before running it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The backup-pruning command performs recursive deletion with `xargs rm -rf` and suppresses errors, but the documentation does not clearly warn the user that directories will be permanently deleted. In an agent setting, destructive commands without explicit confirmation or safer argument handling increase the chance of accidental data loss if path assumptions fail or unexpected filenames are present.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The document includes a destructive cleanup command that deletes directories via `xargs rm -rf` without an explicit warning about deletion behavior or failure modes. In a user-facing upgrade skill, this is dangerous because a malformed match set, unexpected working directory, or shell edge case can remove more data than intended.

Tool Parameter Abuse

High

Category: Tool Misuse
Content: 保留最近 10 个，自动清理旧的： ```bash cd ~/.openclaw/upgrade-guard && ls -1d pre-* 2>/dev/null | sort | head -n -10 | xargs rm -rf 2>/dev/null ``` ## Cautious 模式（推荐）
Confidence: 96% confidence
Finding: rm -rf 2>/dev/

Chaining Abuse

High

Category: Tool Misuse
Content: 保留最近 10 个，自动清理旧的： ```bash cd ~/.openclaw/upgrade-guard && ls -1d pre-* 2>/dev/null | sort | head -n -10 | xargs rm -rf 2>/dev/null ``` ## Cautious 模式（推荐）
Confidence: 95% confidence
Finding: | xargs rm

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal