openclaw-design
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The
autoreviewscript executesgit,gh(GitHub CLI), and various AI agent CLIs (codex,claude,pi,opencode,cursor) to facilitate the code review process.\n- [COMMAND_EXECUTION]: The tool provides an optional--parallel-testscapability that executes user-supplied test commands in a shell environment concurrently with AI reviews.\n- [DATA_EXFILTRATION]: Theautoreviewtool collects source code, git diffs, and untracked files to send to external LLM providers for analysis as part of its core functionality.\n- [DATA_EXFILTRATION]: To protect sensitive information, the script incorporates an extensive secret detection engine that identifies API keys, tokens, and private keys using regex patterns before they are included in a review bundle.\n- [DATA_EXFILTRATION]: Path filtering is implemented to explicitly block access to sensitive directories such as.ssh,.aws,.gnupg, and private environment files.\n- [SAFE]: The skill employs strong isolation techniques for AI agents, including scrubbing the execution environment of host credentials and ensuring the repository under review cannot provide malicious binaries to the tool's execution PATH.
Audit Metadata