skills/openclaw/imsg/crabbox/Gen Agent Trust Hub

crabbox

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses various local shell commands to orchestrate remote testing environments, including crabbox, blacksmith, and pnpm. It provides patterns for diagnostic checks such as crabbox doctor, crabbox status, and blacksmith testbox list.
  • [REMOTE_CODE_EXECUTION]: The primary purpose of the skill is to facilitate executing code on remote targets via the crabbox run command. It includes instructions for running complex shell strings, uploading and executing local scripts using --script, and executing commands on remote SSH targets.
  • [EXTERNAL_DOWNLOADS]: The skill documents procedures for downloading remote logs and test results using crabbox artifacts collect and --capture-on-fail. These operations are part of the tool's intended lifecycle management for remote testing.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill provides explicit guidance on the safe handling of secrets, instructing the user to inject specific keys only into the remote process environment without printing or logging them. It also describes environment variable forwarding using --allow-env and --env-from-profile.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines procedures for ingesting data from external sources such as GitHub PRs (--fresh-pr) and remote command outputs. While this creates a potential attack surface, the instructions include recommendations for human review and log redaction to mitigate risks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 12:14 AM
Security Audit — agent-trust-hub — crabbox