ClawHub

Skill Reviewer Pro

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, instruction-only skill for reviewing OpenClaw skills, with no hidden data access, persistence, or destructive behavior found.

Reasonable to install if you want a structured OpenClaw skill reviewer. Before using its validation command, verify the target path is a local skill directory you intended to review, and be aware it may try to mirror the user's detected language even when a clearer explicit language preference would be better.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The skill hard-codes a policy to always respond in the user's language, which overrides explicit user preference and performs behavioral steering without opt-in or justification. While not directly enabling code execution or data exfiltration, it can cause unwanted locale handling and reduce user control over how the agent responds.

Natural-Language Policy Violations

Medium
Confidence
96% confidence
Finding
This section reinforces a mandatory same-language response policy as an unconditional rule, removing operator discretion and user choice. In skill context, this is a policy/control issue rather than a high-severity security flaw, but it is still a true finding because it imposes behavior without consent or justification.

Natural-Language Policy Violations

Medium
Confidence
98% confidence
Finding
The detailed language rules operationalize mandatory language selection and include a fallback based on previous interaction instead of current user choice, which can propagate incorrect assumptions across turns. This is more dangerous than the earlier occurrences because it codifies persistent behavior and consistency requirements that can override present intent and lead to misaligned or privacy-sensitive inference about the user's preferences.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal