Agent Add

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims by creating OpenClaw agents, but its helper script uses unsafe shell command construction while making persistent changes to the user's OpenClaw setup.

Review the script before installing. Only use trusted, simple values for agent ID, model, and workspace path, because the helper script uses eval when running openclaw. Expect it to make persistent OpenClaw configuration and workspace changes, create avatar preview files, copy template documents, and append a local history record.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs the agent to generate PNG preview files inside the skill's `avatars/` directory, which modifies the local filesystem before the user has explicitly approved any write operation. This is risky because it creates persistent artifacts in a shared skill directory and normalizes side effects during what appears to be a simple selection step.

Missing User Warnings

Medium
Confidence: 96%
Finding
The creation flow executes a script that registers a new agent, creates or populates a workspace, verifies installation, and appends to a history log, but the skill does not clearly present these as disk- and configuration-modifying actions before execution. That omission undermines informed consent and can lead to unexpected persistent changes in the user's environment.

VirusTotal

VirusTotal findings are pending for this skill version.
