sevo-pipeline

Security checks across malware telemetry and agentic risk

Overview

SEVO appears to be a real agent-development pipeline, but its artifacts describe automatic configuration changes, agent repair loops, scheduled scans, and publish/deploy actions that users should review before enabling.

Install only in a workspace where SEVO is allowed to alter OpenClaw configuration, register hooks, keep pipeline state, dispatch agents, and manage project release workflows. Start with guide/off or demo/dry-run modes, inspect any init/postinstall behavior, disable scheduled scans unless wanted, and do not provide production publish credentials until approval gates, target scopes, rollback behavior, and retention settings are clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The document proposes fully automated remediation, agent dispatch, re-scan, and automatic re-dispatch/closure loops without specifying safety gates, human approval points, scope limits, or protections against repeated triggering. In an agentic development pipeline, this can cause uncontrolled code changes, repeated execution loops, or automatic closure of issues based on flawed verification, increasing the risk of unsafe or unauthorized system modifications.

Missing User Warnings

Medium
Confidence: 90%
Finding
The specification explicitly describes automatic deployment, rollback, file writes, hook registration, and autonomous pipeline advancement, but does not pair these capabilities with strong user-consent, authorization, or safety-gating requirements. In an agent skill that orchestrates development workflows, this increases the risk of unintended system-impacting actions being executed automatically, especially because the document repeatedly emphasizes auto-progression and fail-open behavior.

Session Persistence

Medium
Category
Rogue Agent
Content
 │                      │                    │  mode=auto-route  │
 │                      │                    │  classifyLevel()  │
 │                      │                    │  → Level 1        │
 │                      │  { action: create }│                   │
 │                      │◀───────────────────│                   │
 │                      │                    │                   │
 │                      │  createPipeline()  │                   │
Confidence: 79%

VirusTotal

VirusTotal findings are pending for this skill version.
