openclaw-deploy

Fail

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill fetches shell scripts from openclaw.ai and nodesource.com and pipes them directly into bash to automate the installation of Node.js and the OpenClaw software.
  • [COMMAND_EXECUTION]: The skill performs intrusive system modifications on the target server, including moving the original /usr/bin/chromium binary to a backup location and replacing it with a custom wrapper script to manage proxy environments and browser paths.
  • [COMMAND_EXECUTION]: The skill uses sed to modify the JavaScript source code of the installed application within the system-wide /usr/lib/node_modules/ directory to adjust hardcoded timeout values and CDP connection parameters.
  • [COMMAND_EXECUTION]: The skill configures and enables multiple systemd user services (openclaw-gateway.service, proxy-relay.service, and xvfb.service) to ensure software persistence and background execution across reboots.
  • [EXTERNAL_DOWNLOADS]: The skill downloads environment setup scripts and configuration files from the vendor's official domain (openclaw.ai) and a well-known Node.js distribution service (nodesource.com).
  • [CREDENTIALS_UNSAFE]: The skill collects sensitive credentials, including AI model API keys and chat bot tokens (Telegram, Discord, Feishu), via user prompts and stores them in a plain-text JSON configuration file on the remote server's file system.
  • [COMMAND_EXECUTION]: The skill instructs users to manually extract session tokens (auth_token) from their personal browser for X/Twitter automation, which are then injected into the remote server's Chromium environment via the Chrome DevTools Protocol.
Recommendations
  • HIGH: Downloads and executes remote code from: https://openclaw.ai/install.sh, https://deb.nodesource.com/setup_22.x, https://rpm.nodesource.com/setup_22.x - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 19, 2026, 03:58 PM
Security Audit — agent-trust-hub — openclaw-deploy