ClawHub

Openclaw Zh

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Chinese localization skill that edits local OpenClaw UI files, with persistent file changes that users should run deliberately.

Install this only if you intentionally want to modify your local OpenClaw UI. Before applying it, run the script in dry-run mode if available, confirm the OpenClaw path is the install you mean to change, keep the generated backups, and note the Chrome extension documentation/file-name mismatch before editing extension files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the user to run a local Python script and directly modify files under system-level OpenClaw installation paths, which implies file read/write capability without any declared permission boundary. This creates a trust and transparency gap: the skill can alter installed application assets and UI files, and users or the platform may not realize the extent of filesystem access required.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger language includes broad phrases such as mentions of Chinese UI or translating OpenClaw components, which may cause the skill to activate on generic requests that are not an explicit request to modify installed files. Over-broad activation increases the chance of unintended invocation of a skill that performs local file modifications.

Natural-Language Policy Violations

Medium
Confidence
89% confidence
Finding
The skill is framed as applying Chinese localization directly, without making user consent or preview explicit, and the instructions describe modifying UI files in place. Because it changes the behavior and presentation of installed software, lack of explicit opt-in and confirmation can lead to unwanted persistent changes and user confusion, especially in shared or managed environments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal