openclaw-setup
Fail
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill promotes the use of the high-risk 'curl | bash' pattern to install software from an unverified external source. * Evidence: File 'references/installation.md' contains 'curl -fsSL https://openclaw.ai/install.sh | bash'. * Evidence: File 'references/installation.md' contains 'iwr -useb https://openclaw.ai/install.ps1 | iex' for Windows systems.
- [COMMAND_EXECUTION]: The skill includes instructions for performing sensitive system-level operations that could be exploited. * Evidence: Use of 'npm install -g openclaw@latest' for global package installation. * Evidence: Extensive service management commands using 'systemctl --user', 'launchctl', and 'openclaw gateway install'. * Evidence: File system operations such as 'rm -rf ~/.openclaw' and 'chmod 600' on configuration directories.
- [CREDENTIALS_UNSAFE]: The skill provides methods to read files and configurations that likely contain sensitive credentials. * Evidence: Command 'cat ~/.openclaw/openclaw.json' is suggested for troubleshooting, which exposes the full configuration, including potential API keys. * Evidence: Command 'openclaw config get gateway.auth.token' explicitly retrieves authentication tokens. * Evidence: References to environment variables like 'ANTHROPIC_API_KEY' and 'OPENAI_API_KEY' in 'references/configuration.md'.
- [EXTERNAL_DOWNLOADS]: The skill depends on several external, non-trusted sources for core functionality. * Evidence: Downloads from 'https://openclaw.ai' and clones repositories from 'github.com/openclaw/openclaw'. * Evidence: Fetches the 'openclaw' package from the npm registry.
Recommendations
- AI detected serious security threats
Audit Metadata