openclaw-mac-release
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several command-line utilities to manage the release process, including
gh(GitHub CLI) for workflow dispatch,xcrun notarytoolfor Apple notarization, andop(1Password CLI) for secure credential retrieval. - [DATA_EXPOSURE]: The documentation includes internal configuration details such as 1Password vault names ('Molty', 'Private'), item titles, and a specific App Store Connect Key ID ('AKVLXW849T'). While these are identifiers rather than secrets, they expose specific details of the internal release infrastructure.
- [INDIRECT_PROMPT_INJECTION]: The skill provides templates for shell commands that interpolate version tags and branch references (e.g.,
tag=vYYYY.M.D). While this creates a potential injection surface if the inputs are untrusted, the context is limited to controlled release management workflows. - [EXTERNAL_DEPENDENCIES]: The skill references a local script
scripts/notarize-mac-artifact.shand GitHub Actions workflows in theopenclaw/releases-privaterepository to perform its core functions.
Audit Metadata