OpenClaw Installation Service

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward OpenClaw setup guide, with normal caution needed around credentials, global installation, paid support, and heartbeat automation.

Before installing:
  • verify the OpenClaw npm package and its registry source;
  • do not share QR sessions, App Secrets, or webhooks with support staff;
  • use least-privilege channel credentials;
  • confirm how to stop the heartbeat automation;
  • verify ClawMart before paying, especially when paying with cryptocurrency.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings (Medium, 92% confidence)

Finding:
The skill explicitly offers remote support and guides users to configure messaging channels that typically require login, app secrets, webhooks, or QR-based authentication, but it provides no privacy notice, scope limitation, or instructions for handling credentials safely. This creates a realistic risk of exposing sensitive account data or granting unintended third-party access during setup, especially because the service is commercial and encourages users to rely on an external provider.

Missing User Warnings (Medium, 89% confidence)

Finding:
The installation flow instructs users to globally install software, initialize a workspace, edit files under the home directory, and start a heartbeat service, but it does not disclose persistence, background execution, system modification, or rollback implications. Users may unknowingly alter their environment or start ongoing automated behavior without understanding the security and operational impact, which is more concerning because the skill is framed as a one-click setup assistant.

VirusTotal

64/64 vendors flagged this skill as clean.