ClawHub

Openclaw Workflow Automation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed workflow-template skill with some sensitive automation examples, but no evidence of hidden execution, credential theft, exfiltration, or destructive behavior.

Install only if you intend to use workflow templates and review each template before deployment. Add human approval for auto-replies, forwarding, and publishing; restrict recipients and credentials; redact sensitive content; and define retention, deletion, and access controls for stored or archived documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
79% confidence
Finding
Automatic handling of all inbox mail based on a vague trigger can become dangerous because it may process sensitive, spoofed, or misclassified messages without meaningful gating. In the context of email automation, underspecified triggers increase the chance of unauthorized forwarding, unintended replies, and data leakage across trust boundaries.

Vague Triggers

Medium
Confidence
77% confidence
Finding
A broad file-upload trigger for document processing can expose the system to unsafe or unexpected files, including sensitive documents or malformed inputs that downstream processors may mishandle. Because the workflow includes parsing, extraction, storage, and archiving, missing constraints can expand the attack surface and increase privacy and content-handling risk.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The template describes generating and then publishing content to an external platform without warning about external posting behavior or the need for review. This can lead to accidental disclosure, brand damage, policy violations, or publication of untrusted/generated content directly to third-party services.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
Outbound notifications to WeChat, email, or Telegram are third-party transmissions, and the template does not warn that monitored data may leave the primary system boundary. If users include sensitive business or personal data in alerts, this can create privacy, compliance, and misdelivery risks.

Missing User Warnings

High
Confidence
94% confidence
Finding
Automatic email replies and forwarding create a clear risk of leaking sensitive content, responding to malicious senders, or misrouting communications when classification is wrong. In email workflows, this is especially dangerous because inboxes commonly contain personal data, credentials, contracts, and internal business information crossing organizational boundaries.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The document-processing template describes parsing, extracting, storing, and archiving uploaded file contents without warning about the sensitivity of those files or the risks of retaining extracted data. This can result in overcollection, insecure storage, or processing of confidential documents without adequate controls.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal