ClawHub

Openclaw Automation Recipes

Security checks across malware telemetry and agentic risk

Overview

This recipe pack is not executable malware, but several templates could run persistent automations that post publicly, reply to email, back up local OpenClaw data, or store social mentions without enough safeguards.

Review before installing. Treat these as editable examples, not safe defaults: add confirmation or draft steps for email replies and public posts, narrow backup sources, secure S3 buckets with least-privilege access and encryption, define retention for stored social data, and periodically audit ~/.openclaw/automations/ for tasks that should no longer run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The backup recipe instructs users to copy local data from `~/.openclaw/data` to an S3 bucket without any warning about what data may be included, whether it contains secrets or personal information, or how the remote bucket should be secured. This creates a real risk of unintended data exfiltration, insecure cloud storage, and compliance/privacy issues if users apply the recipe as-is.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The social monitoring recipe saves collected mentions to a database but does not disclose retention, access controls, or privacy implications. Even if the source data is public, storing and processing mentions can create privacy, governance, and misuse risks, especially if combined with sentiment analysis and alerting.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal