Huo15 Openclaw Security Review
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only security review skill that scans repository changes for common vulnerability patterns and does not install code, run background tasks, or hide privileged behavior.
Install it only in repositories where you are comfortable letting the agent read diffs and potentially git history, since security scans may reveal secrets. Keep remediation user-controlled, especially key revocation, history rewriting, and forced dependency updates.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.