openclaw-mission-control
Fail
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides a 'Quick Start' installation command that downloads a script from
https://raw.githubusercontent.com/abhi1693/openclaw-mission-control/master/install.shand pipes it directly into thebashshell. This allows the remote server or any entity with access to that repository to execute arbitrary commands on the agent's environment with current user privileges.\n- [COMMAND_EXECUTION]: Instructions include several shell commands for deployment and management, such asnpm install,docker compose, and local script execution (./install.sh), which can lead to system-wide changes depending on the execution environment.\n- [EXTERNAL_DOWNLOADS]: The skill fetches resources from external domains includinggithub.comandraw.githubusercontent.comfrom an unverified user account (abhi1693).
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/abhi1693/openclaw-mission-control/master/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata