Back to skill

Security audit

OpenClaw Dashboard Screenshot

Security checks across malware telemetry and agentic risk

Overview

This skill performs its stated dashboard screenshot task, but it can automatically capture and send a full-page local dashboard image to a fixed QQBot destination.

Review before installing. Only use this skill if the hardcoded QQBot target is your intended recipient, you are comfortable with it starting the local dashboard service, and the dashboard does not expose secrets or sensitive operational data. Prefer a version that asks for confirmation before starting services, taking screenshots, and sending images externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes broad, common phrases such as "dashboard" and general status-related wording that can be invoked in ordinary conversation without clear intent to run this skill. In context, accidental activation is meaningful because the skill can open a browser, inspect a local service, and potentially start a background process, turning ambiguous phrasing into unintended system actions.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill specifies automatically running `npm run dev` in the background if localhost:3000 is not responding, then taking a screenshot and sending it to the user, but it does not require explicit user consent for command execution or data transmission. This is dangerous because it combines local code execution, service startup, and exfiltration of potentially sensitive dashboard contents, which may include operational data, tokens, or internal status information.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill captures a full-page screenshot of a local dashboard and sends it to a fixed QQBot target, which creates a clear data exfiltration path without explicit user consent or destination verification. Because dashboard pages commonly contain operational status, identifiers, tokens, message counts, and other sensitive metadata, automatic transmission to a hard-coded external recipient materially increases confidentiality risk.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.