worker-management
Audited by Socket on Apr 6, 2026
2 alerts found:
Anomaly x2
No direct evidence of overt malware (e.g., exfiltration, reverse shells, or backdoor installation) is visible in this fragment. However, there is a significant security risk: the script executes arbitrary shell code via `source /data/worker-creds/${worker}.env` where the path is constructed from the worker identifier provided at runtime, and it also uses the worker identifier in other filesystem paths without visible sanitization. These patterns can enable code execution or unintended file access if worker inputs and/or filesystem contents are attacker-controlled. Container lifecycle impact is high because stop/start/delete/recreate is delegated to an external module.
Overall, this module behaves like legitimate administrative tooling for enabling peer-to-peer Matrix @mentions by modifying groupAllowFrom in openclaw.json, syncing via MinIO, and notifying affected workers. There is no strong evidence of malicious payloads (no persistence, exfiltration, or stealth). The main security risk is operational/integrity: worker identifiers from --workers are not strictly validated before being used in filesystem path and MinIO key construction, which could allow unintended config targeting if input can be manipulated. Minor risk also exists from unquoted HICLAW_MATRIX_SERVER usage in curl URL construction.