Seamless Restart

Security checks across malware telemetry and agentic risk

Overview

This instruction-only restart helper is not malware, but it gives agents broad, under-confirmed authority to restart or reconfigure the gateway.

Install only if you want an agent to manage OpenClaw gateway restarts. Require explicit approval before every restart or config.patch, review any configuration change first, keep NOW.md minimal, treat its contents as recovery notes rather than trusted instructions, and add the persistent AGENTS.md/User Rules entry only if you want this workflow enforced for future restarts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger guidance is overly broad: phrases like "restart", "reboot gateway", or "apply config" can cause the skill to activate in situations where the user is only discussing those actions rather than authorizing them. Because this skill culminates in `gateway(action=restart, ...)`, unintended invocation could disrupt service, terminate in-flight tasks, and create confusing user-visible behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal