iot-security
Fail
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates Over-the-Air (OTA) updates by fetching firmware from external URLs (e.g., updates.example.com). Automated scanning detected a pattern where these remote binaries are processed using subprocess execution, which can lead to arbitrary code execution if the source is compromised or the integrity check is bypassed.
- [EXTERNAL_DOWNLOADS]: The skill references remote firmware downloads from untrusted domains. While the skill's primary API (api.openclaw.io) is a vendor resource, the documentation suggests downloading executable payloads from external endpoints, which is a significant attack vector.
- [COMMAND_EXECUTION]: The skill documentation provides examples of using
subprocess.runto invoke theiot-secureCLI for firmware hardening. This allows the agent to execute shell commands on files that may have been retrieved from remote, untrusted sources. - [CREDENTIALS_UNSAFE]: The skill demonstrates the use of sensitive API keys (e.g.,
$IOT_API_KEY) within command-line arguments and HTTP headers. While it correctly suggests using environment variables, the pattern of passing secrets via CLI flags can lead to credential exposure in process trees or command history.
Recommendations
- HIGH: Downloads and executes remote code from: https://updates.example.com/firmware.bin - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata