ClawHub

Openclaw Listing Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent e-commerce listing helper with a disclosed local installer, but users should review the persistent AGENTS.md change before installing.

Before installing, read AGENTS_SNIPPET.md and consider backing up ~/.openclaw/workspace/AGENTS.md because the installer appends persistent agent instructions. Prefer invoking it with /listing, and verify all generated product claims and marketplace compliance details before publishing listings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation rules include broad natural-language phrases like '写listing', '帮我写标题', and '写卖点', which are common requests that may appear in unrelated conversations. This can cause unintended skill invocation, leading the agent to override the user's intended workflow, unexpectedly process uploaded images, or generate marketplace-ready content in contexts where the user did not explicitly request this skill.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README tells users to append agent configuration directly into `~/.openclaw/workspace/AGENTS.md` and then kill/restart the OpenClaw process, but it provides no warning to review the snippet, back up existing configuration, or verify what code/behavior is being enabled. In a skill package context, modifying a live agent workspace and restarting the service can activate unreviewed instructions with persistence, so this is a real operational security risk even if the documentation appears intended for normal installation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal