ClawHub

Identity Trust

Security checks across malware telemetry and agentic risk

Overview

This is coherent decentralized-identity tooling, but it handles persistent keys and credentials that users must protect.

Install only if you intend to manage decentralized identities or verifiable credentials. Verify the npm/GitHub package source before running it, require confirmation before creating DIDs, issuing credentials, evaluating trust, or exporting data, and protect the ~/.openclaw/identity/ directory as sensitive secret material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The auto-trigger rules are overly broad for a security-sensitive skill, including generic terms like "identity" and broad intents that can match unrelated user requests. This increases the chance the skill is invoked in the wrong context, causing unnecessary handling of identity, trust, or credential workflows and potentially exposing users to risky actions or sensitive data collection.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation mentions local private key storage and export functionality without prominent warnings about the sensitivity of keys and exported identity material. In a credential-management skill, this can lead users or agents to back up, export, or store highly sensitive cryptographic assets insecurely, which could enable credential forgery or identity takeover if compromised.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The auto-trigger conditions include very broad keywords such as “身份” and “信任”, which are common in ordinary conversation and may cause the skill to activate outside its intended DID/VC context. In a security-sensitive skill that manages identities, credentials, and trust decisions, accidental invocation can lead to unnecessary handling of sensitive data or inappropriate identity operations.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation describes sensitive behaviors including local private-key storage, export of all data, and optional network-based DID resolution, but it does not prominently warn users about the confidentiality and integrity risks involved. Users may unknowingly expose keys, credentials, or metadata, especially when exporting data or enabling network resolution in environments that are not properly secured.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The auto-trigger conditions are broad enough to activate on common terms like 'identity' or 'trust', which can cause the skill to engage in unrelated conversations and expose sensitive identity-management capabilities unexpectedly. In a security-focused skill that can create DIDs, handle credentials, and store keys, accidental invocation increases the chance of unnecessary key creation, sensitive data handling, or misleading trust decisions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The overview describes local storage and key management benefits but does not prominently warn users that sensitive identity data and private keys may be persisted on disk. Users may invoke the skill without understanding that cryptographic material could be written locally, leading to unintended exposure on shared systems or poorly secured hosts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal