btpanel
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill handles sensitive BT-Panel API tokens which are required for authentication. These credentials are provided by the user and stored in a local YAML configuration file at
~/.openclaw/bt-skills.yaml. This is standard behavior for command-line tools that manage remote server infrastructure. - [COMMAND_EXECUTION]: The skill consists of Python scripts that perform network operations to interact with remote BT-Panel instances. The
BtClientimplementation inbt_common/bt_client.pyexplicitly disables SSL verification (verify=False) to support connections to panels using self-signed certificates, which is a common configuration in internal server environments. - [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection due to its ability to read and display remote server logs.
- Ingestion points: Remote log files (e.g., Nginx, Apache, MySQL, Redis) are retrieved and displayed to the agent via
scripts/logs.py. - Boundary markers: The skill does not wrap log content in specific delimiters or provide explicit instructions to the agent to disregard instructions found within the logs.
- Capability inventory: The skill has the ability to perform network requests and modify its local configuration file.
- Sanitization: Log content is retrieved and formatted for display using the
richlibrary but is not sanitized for potential embedded malicious instructions.
Audit Metadata