skills/itechmeat/llm-code/openclaw/Gen Agent Trust Hub

openclaw

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of documentation for the OpenClaw platform. It focuses on secure setup and operational best practices, including guidance on authentication, log redaction, and loopback binding.- [COMMAND_EXECUTION]: The documentation identifies high-impact tools such as exec for shell operations and process for task management. It provides clear safety guidance, recommending the use of least-privilege profiles, timeouts, and explicit user consent.- [EXTERNAL_DOWNLOADS]: The reference files describe legitimate software maintenance processes via standard package managers (npm, pnpm) and the official project GitHub repository.- [PROMPT_INJECTION]: The documentation addresses the surface for indirect prompt injection via integrated chat channels. It outlines defensive measures like identity-based allowlists and mention-gated triggers.
  • Ingestion points: messaging channels including Telegram, WhatsApp, Slack, and Matrix.
  • Boundary markers: configurable prompt modes (full/minimal/none).
  • Capability inventory: shell execution (exec), process lifecycle management, network communication, and sub-agent spawning.
  • Sanitization: origin validation for WebSocket connections and local-root containment for media handling.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 08:03 PM
Security Audit — agent-trust-hub — openclaw