Back to skill

Security audit

OpenClaw SEO-GEO Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed SEO publishing runbook with guarded production steps and no hidden executable code in the reviewed artifacts.

Install this only for the intended ClawLite/OpenClaw environment. Before running workflow commands, verify the local scripts under /Users/m1/.openclaw/workspace, keep provider credentials scoped, and explicitly approve any command that writes to the main site or deploys to production.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Credential Access

High
Category
Privilege Escalation
Content
Known examples:

- `GA4_TAG_MISSING`: Peter/build/live site issue. Verify built layout and live HTML.
- `DATAFORSEO_B64_MISSING`: connector/env issue. Configure env/Keychain before rank/index checks can be complete.
- locale `/en/`, `/ja/`, `/ko/` 404 or redirect warnings: usually non-blocking unless Ray wants locale pages live.
- no top-100 keyword hits: monitor finding, not a publish blocker by itself.
Confidence
70% confidence
Finding
Keychain

Session Persistence

Medium
Category
Rogue Agent
Content
Check:

- OpenClaw logs: `/Users/m1/.openclaw/logs/*.log`
- LaunchAgents: `launchd/ai.openclaw.daily-seo-geo-blog-factory.plist`
- runner receipt freshness under `mission-control/data/runner/`
- active OpenClaw sessions if the task was triggered through Feishu/Discord/Telegram
Confidence
75% confidence
Finding
plist

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.