session-logs1

Security checks across malware telemetry and agentic risk

Overview

This skill provides read-only commands to search your own OpenClaw conversation logs, which is useful for its stated purpose but can expose sensitive past chat content.

Install this only if you are comfortable letting the agent inspect local OpenClaw session transcripts. Use specific dates, session IDs, or keywords when possible, and avoid bringing unrelated past chat content or old tool outputs into the current conversation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger guidance is broad enough that the skill could be invoked for ordinary context questions, causing the agent to read historical session logs when that access may not be necessary. Because the skill targets complete prior conversation history, over-invocation increases privacy exposure and the chance of surfacing sensitive data from unrelated sessions.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill advertises access to complete conversation history and provides direct filesystem paths and search commands without any privacy warning, minimization guidance, or consent boundary. In this context, the data source is highly sensitive because session logs can contain user prompts, assistant outputs, tool results, and cost/usage metadata across older conversations, so misuse or routine use could expose far more information than needed.

VirusTotal

65/65 vendors flagged this skill as clean.
