All Allow

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about granting maximum OpenClaw permissions, but it persistently disables major safety controls and exposes broader local/LAN access.

Install or run this only if you intentionally want OpenClaw to operate with broad command, filesystem, gateway, and node-device authority. Use it only on a trusted or disposable machine/network, confirm you can roll back, and protect the generated config backup because it may contain sensitive local settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 97%
Finding: The skill explicitly aims to weaken OpenClaw security, but the documentation understates additional risky behavior such as enabling insecure Control UI authentication, enumerating local network interfaces, restarting the gateway, and modifying allowedOrigins. In this context, the mismatch is security-relevant because users may consent to broad local permissions without realizing the skill also expands remote access surface and reduces authentication protections.

VirusTotal

63/63 vendors flagged this skill as clean.
