Give eyes to your openclaw

Security checks across malware telemetry and agentic risk

Overview

This skill has sensitive screen and audio capture abilities, but they are disclosed, user-directed, and aligned with its stated purpose.

Install only if you are comfortable granting an agent access to screenshots, screen recordings, microphone audio, and recent captured context. Ask for confirmation before recording audio, capturing all monitors, monitoring over time, or sending screenshots to any configured external vision model.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger examples are broad enough that a model could interpret ordinary user phrases like 'check something on my screen' or 'debug this' as authorization to invoke a screen-capture tool. Because this skill can capture screenshots, clips, voice, and even all monitors, accidental invocation can expose highly sensitive on-screen information without sufficiently explicit, contextual consent.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The 'When to Use' guidance is ambiguous and encourages use based on the assistant's judgment ('would help', 'want to verify', 'monitor or watch something') rather than a clear user authorization boundary. In a privacy-sensitive skill with visual and audio capture capability, this creates a real risk of over-collection and unintended surveillance-like behavior, especially across multiple monitors or repeated captures.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal