Antfarm Workflows

Security checks across malware telemetry and agentic risk

Overview

This workflow skill is coherent, but it asks agents to install and run persistent autonomous cron-driven workers through an unreviewed local CLI, so users should review it carefully before use.

Install only if you trust the Antfarm CLI already present under ~/.openclaw/workspace/antfarm. Before running install, inspect what cron jobs, dashboard port, database, and agent workspaces it creates. Avoid putting secrets in workflow task text or agent outputs, monitor logs during runs, and use the uninstall commands carefully because they may delete workflow state and background jobs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill documents destructive uninstall commands, including a full uninstall that removes workflows, agents, cron jobs, the database, and the dashboard, but does not present any explicit safety warning, confirmation guidance, backup advice, or caution about irreversible data loss. In an agent skill context, users may rely on the documented commands as operational guidance, so omission of warnings materially increases the chance of accidental destructive execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal