Skills
skills/aaaaqwq/agi-super-team/openclaw-inter-instance/Gen Agent Trust Hub

openclaw-inter-instance

Fail

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions and examples for executing arbitrary shell commands on remote nodes via the nodes.run tool, specifically recommending bash -c for complex tasks and env -u for bypassing proxy settings.
  • [REMOTE_CODE_EXECUTION]: The skill is designed to enable remote execution across OpenClaw instances, allowing one agent to trigger script and command execution on paired remote machines.
  • [PROMPT_INJECTION]: The documentation includes a section on 'GLM-5 Identity Coverage' which instructs the use of 'CRITICAL IDENTITY' declarations to override a model's default persona and internal instructions.
  • [EXTERNAL_DOWNLOADS]: The skill provides examples for cloning external git repositories onto remote instances using git clone.
  • [DATA_EXFILTRATION]: The skill documents methods to access and transmit sensitive data, including local configuration files like ~/.openclaw/openclaw.json and agent memory files, across different instances and nodes.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 13, 2026, 07:00 AM