Security audit

OpenClaw Code Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent read-only code search helper, with ordinary cautions about dependency installation and searching only intended folders.

Install rg, fd, and tree from trusted package managers or verified upstream releases. Use this skill on specific project directories rather than broad home or system paths, because search results may expose private code, filenames, or configuration contents to the agent conversation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.
