install-openclaw-to-digitalocean
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands via the
doctlCLI andsshto provision cloud infrastructure and manage the remote server environment. - [EXTERNAL_DOWNLOADS]: Fetches software and scripts from official and well-known technology providers:
- Downloads the
doctlmanagement utility from DigitalOcean's official GitHub releases. - Retrieves Node.js installation scripts from the well-known NodeSource repository.
- Clones the core
ceo-ai-osworkspace from the author's own public GitHub repository. - Installs the
openclawagent package from the official NPM registry. - [REMOTE_CODE_EXECUTION]: Executes automated bootstrap scripts on the remote DigitalOcean Droplet via cloud-init and SSH to perform system hardening, install dependencies, and configure the bot environment.
- [OBFUSCATION]: The
cloud-init.yamlfile includes Base64-encoded blocks for Russian and Kazakh localization packs. This technique is used to prevent character corruption of non-ASCII text during the cloud-init injection process and is not used for malicious purposes.
Audit Metadata