Personalize OpenClaw WebUI Logo

Security checks across malware telemetry and agentic risk

Overview

This appears to be a narrow OpenClaw favicon customization skill, with the main risk being that it overwrites local OpenClaw UI icon files when the user asks it to.

Install this only if you want a skill that can run a shell script to overwrite favicon files in your local OpenClaw installation. Review the target path before applying a logo, and use the update workflow only with trusted ClawHub or Skillhub sources; do not paste real access tokens directly into commands where they may be saved in shell history.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill tells the operator to overwrite files inside the installed OpenClaw package dist directory but does not clearly warn that this modifies local application files and may be reverted by upgrades or affect all users of that installation. While the intended function is customization, silent package-file modification can surprise users and weaken change control.

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The library update workflow includes remote package retrieval and suggests authentication with an access token, but it does not prominently warn about network access, credential handling, or trust in the remote source. This can lead operators to expose tokens in shell history or pull unreviewed content into their environment.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal