Skills
skills/aradotso/hermes-skills/openclaw-rl-training/Gen Agent Trust Hub

openclaw-rl-training

Fail

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The terminal_rollout.py code snippet explicitly uses subprocess.run(command, shell=True) to execute commands generated by the AI model (agent_model.generate). This allows for arbitrary command execution if the model is prompted to perform malicious actions.
  • [REMOTE_CODE_EXECUTION]: By combining model generation with shell execution, the skill enables a remote code execution vector where the AI agent acts as the execution engine for commands influenced by user input or internal logic.
  • [EXTERNAL_DOWNLOADS]: The installation instructions direct users to clone and install code from a third-party repository (github.com/Gen-Verse/OpenClaw-RL.git) which is not from a recognized or trusted organization.
  • [DATA_EXFILTRATION]: The gui_rollout.py snippet uses pyautogui.screenshot() to capture the user's screen. While intended for a GUI agent, this capability could be used to capture and exfiltrate sensitive visual information if the model outputs are logged or sent to an external provider.
  • [CREDENTIALS_UNSAFE]: The documentation encourages the use of environment variables for sensitive tokens like WANDB_API_KEY and HF_TOKEN. While standard practice, the inclusion of OPENCLAW_API_KEY in shell exports increases the risk of credential leakage if environment logs are captured.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 16, 2026, 05:49 PM
Security Audit — agent-trust-hub — openclaw-rl-training