command-center
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
openclawCLI and system monitoring tools likeuptime,df, andsysctlto populate the dashboard. It uses shell-injection-safe methods likeexecFileSyncand sanitizes the process environment to prevent sensitive data from leaking to subprocesses. - [EXTERNAL_DOWNLOADS]: Includes scripts to install system utilities from official repositories using system package managers. It also offers an optional Cloudflare tunnel setup to enable remote access, which is disabled by default and requires manual configuration.
- [DATA_EXFILTRATION]: Provides an integration with the Linear API to sync agent activities with project tickets. This functionality sends metadata to
api.linear.appand requires user-configured API keys. This is a documented feature and part of the skill's synchronization capabilities. - [SAFE]: The skill implements best practices for local dashboard security, including localhost-by-default binding, multiple authentication modes (Tailscale, Cloudflare Access, Tokens), and pre-commit checks that actively block the accidental inclusion of secrets or user data in the source repository.
Audit Metadata