Back to skill

Security audit

Migrator

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate migration tool, but restoring an archive can write broadly into the user’s home directory without enough containment.

Use this only for archives you created or fully trust. Treat .oca files as secret backups because they may contain auth tokens, memory, skills, and local path metadata. Before importing, back up existing OpenClaw files or restore to a temporary destination first, and verify the installed tar dependency is patched.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
78% confidence
Finding
The manifest embeds environment metadata including the user's home directory and workspace path inside the archive. Even though the archive is encrypted, these fields increase the sensitivity of the backup by exposing local filesystem layout and potentially user-identifying information if the archive is later shared, mishandled, or decrypted on another system.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "Lucas <lucas.xuan>",
  "license": "MIT",
  "dependencies": {
    "archiver": "^7.0.0",
    "tar": "^7.4.3",
    "fs-extra": "^11.2.0",
    "commander": "^12.0.0"
Confidence
95% confidence
Finding
"archiver": "^7.0.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"license": "MIT",
  "dependencies": {
    "archiver": "^7.0.0",
    "tar": "^7.4.3",
    "fs-extra": "^11.2.0",
    "commander": "^12.0.0"
  }
Confidence
97% confidence
Finding
"tar": "^7.4.3"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"dependencies": {
    "archiver": "^7.0.0",
    "tar": "^7.4.3",
    "fs-extra": "^11.2.0",
    "commander": "^12.0.0"
  }
}
Confidence
95% confidence
Finding
"fs-extra": "^11.2.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"archiver": "^7.0.0",
    "tar": "^7.4.3",
    "fs-extra": "^11.2.0",
    "commander": "^12.0.0"
  }
}
Confidence
94% confidence
Finding
"commander": "^12.0.0"

Known Vulnerable Dependency: tar==7.4.3 — 7 advisory(ies): CVE-2026-24842 (node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Trave); CVE-2026-26960 (Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in no); CVE-2026-23745 (node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Ins) +4 more

High
Category
Supply Chain
Confidence
99% confidence
Finding
tar==7.4.3

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.