Auto Rename Session Label

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but its install trigger is too broad for a persistent hook that changes OpenClaw behavior automatically.

Install only if you intentionally want a persistent OpenClaw hook that auto-labels new sessions. Before running the workflow, confirm the install request is explicit, review the hook code, and remember it will send the first user message to the same model/provider used by that session to generate a title.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The instruction to run the install workflow whenever the listed triggers are 'seen/heard' is overly broad and can cause the agent to perform filesystem writes and enable a persistent hook without confirming user intent or execution context. Because the workflow installs and activates code, ambiguous activation materially increases the risk of unintended persistence or social-engineering-triggered execution.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: At least one trigger phrase is broad enough to overlap with ordinary conversation about chat naming or session titles, making accidental activation plausible. In this skill, accidental activation is more dangerous because the action is not read-only: it copies files, enables a hook, and creates persistent behavior in the user's OpenClaw environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal