OpenFunderse Participant

Security checks across malware telemetry and agentic risk

Overview

The skill is not clearly malicious, but it handles a blockchain signer key and can change global OpenClaw runtime state, so it belongs in Review before use.

Install only in an isolated or non-production OpenClaw environment first.

  • Use a dedicated low-value participant wallet, never a treasury/admin key.
  • Review the npm package before running npx.
  • Prefer the no-sync and no-restart flags until you inspect changes.
  • Keep PARTICIPANT_REQUIRE_EXPLICIT_SUBMIT and trusted relayer host checks enabled.
  • Audit ~/.openclaw/openclaw.json and wallet backup files after setup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Session Persistence

Medium
Category
Rogue Agent
Content
```
npx clawhub@latest install openfunderse-participant
```

2) Optional: create or rotate a dedicated participant signer key.

If you already have a key, set `PARTICIPANT_PRIVATE_KEY` and `PARTICIPANT_ADDRESS` directly in OpenClaw env (`/home/ubuntu/.openclaw/openclaw.json` -> `env.vars`) or in `~/.openclaw/workspace/.env.participant`. You do not need to run `bot-init`.
Confidence
89% confidence
Finding
create or rotate a dedicated participant signer key. If you already have a key, set `PARTICIPANT_PRIVATE_KEY` and `PARTICIPANT_ADDRESS` directly in OpenClaw env (`/home/ubuntu/.openclaw/openclaw.json

VirusTotal

64/64 vendors flagged this skill as clean.
