openclaw-config-advisor
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a Python script (
advise.py) to perform diagnostics on the host system. - [DATA_EXFILTRATION]: The script recursively scans the filesystem to detect the presence of sensitive strings such as API keys, tokens, and passwords.
- [DATA_EXFILTRATION]: The use of a user-definable directory argument (--config-dir) allows the agent to confirm the location of sensitive credentials in non-standard directories (e.g., ~/.aws or ~/.ssh) if the tool is used outside its intended scope.
Audit Metadata