install-openclaw-raspi

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The installation instructs running a remote install script via curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash, which fetches and executes code at runtime and is required for the Node.js installation step.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill instructs running sudo commands (apt installs, piped curl to sudo bash), enabling SSH and setting usernames/passwords, and suggests creating a systemd service — all actions that modify system state and require elevated privileges.