Back to skill

Security audit

Token Usage Display

Security checks across malware telemetry and agentic risk

Overview

This skill transparently patches the local OpenClaw web UI to show model and token usage, with no evidence of hidden collection, network activity, or destructive behavior.

Install this only if you want a persistent local OpenClaw UI customization. Before running it, choose the date-display option intentionally and confirm the target OpenClaw root is the installation you mean to patch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs execution of local shell commands and a patch script that reads and writes files, but it declares no corresponding permissions. This creates a trust and review gap: operators may approve or invoke the skill without realizing it can modify local application assets, making unintended system changes more likely.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.