skills/openclaw/gogcli/crabbox/Gen Agent Trust Hub

crabbox

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the crabbox CLI, pnpm scripts, and local repository scripts (e.g., scripts/crabbox-wrapper.mjs, scripts/macos-host-region-preflight.sh) to manage remote testing leases and environment hydration.
  • [EXTERNAL_DOWNLOADS]: Instructs the agent to install the crabbox tool via Homebrew (openclaw/tap/crabbox) and communicates with remote orchestration backends such as AWS, Hetzner, and Blacksmith Testbox.
  • [COMMAND_EXECUTION]: Utilizes sudo within remote host setup instructions to create symbolic links for binaries (e.g., sudo ln -sf ... /usr/local/bin/), which is consistent with the skill's purpose for CI/CD and test environment management.
  • [PROMPT_INJECTION]: Ingests and processes untrusted data from GitHub Pull Requests (--fresh-pr) and external command outputs, representing a surface for indirect prompt injection. This risk is inherent to the testing orchestration use case and is addressed through specific instructions for monitoring and verification.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 02:20 AM
Security Audit — agent-trust-hub — crabbox