Openclaw Cn Installer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent OpenClaw setup helper, but it stores AI provider API keys locally and runs user-invoked diagnostic scripts.

Install only if you trust the publisher and are comfortable with local setup scripts. Use revocable API keys, protect ~/.openclaw/.env, avoid sharing logs or screenshots that may include secrets, and rotate keys if you uninstall the skill or no longer trust the local machine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding: The skill advertises execution of local Node.js scripts and shell-like installation/usage flows, but the manifest does not declare corresponding permissions. This creates a transparency and trust problem: users and security tooling cannot accurately assess what capabilities the skill needs before installation or execution.

Missing User Warnings

Medium
Confidence: 86%
Finding: The document instructs users to configure third-party AI providers and explicitly references storing API keys in ~/.openclaw/config.json and ~/.openclaw/.env, but it does not warn about the sensitivity of those secrets. Users may expose keys through weak file permissions, backups, logs, screenshots, or accidental sharing of workspace/config files.

Missing User Warnings

Medium
Confidence: 90%
Finding: The script prompts for API keys and writes them in plaintext to ~/.openclaw/.env without clearly warning the user about local credential storage, file sensitivity, or expected permissions. This increases the risk of accidental disclosure through backups, local compromise, shared accounts, or overly permissive file modes.

VirusTotal

65/65 vendors flagged this skill as clean.
