ClawHub

OpenClaw Benchmark

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw benchmark skill that runs bounded tests and writes local benchmark reports, with no evidence of deception, exfiltration, or destructive behavior.

Install only if you are comfortable with a benchmark that runs simple shell commands, performs a couple of network-based tests, and saves local reports and baseline JSON files. Review or delete ~/Downloads/OpenClaw-Benchmark and /tmp/bench_metrics.json if you do not want benchmark history left on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs use of `exec` to create and delete a local file under `/tmp` without any user-facing warning or consent checkpoint. Although the commands are limited and appear benchmark-related, they still modify the local system and normalize shell execution inside a skill, which can surprise users and create risk if the pattern is copied or later expanded.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs writing metrics to `/tmp/bench_metrics.json` and generating HTML reports in the user's Downloads directory, causing persistent filesystem changes without prominent disclosure. Even if the data is operational rather than secret, writing benchmark artifacts to disk can expose environment details, create unwanted residue, and violate user expectations for a read-only benchmarking workflow.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The baseline management step copies benchmark JSON into `~/Downloads/OpenClaw-Benchmark/baselines/`, creating durable run-history files without a user warning. This is lower severity than arbitrary command execution, but it still persists system and model metadata on disk and may unintentionally accumulate sensitive environment information over time.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal