runninghub
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs local Python scripts (
runninghub.pyandrunninghub_app.py) that use thesubprocessmodule to executecurlcommands for network communication and file downloads. - [CREDENTIALS_UNSAFE]: The file
references/api-key-setup.mdcontains a Python one-liner intended to save the user's API key into a local configuration file at~/.openclaw/openclaw.json. While functional, this involves storing sensitive credentials in plain text. - [EXTERNAL_DOWNLOADS]: The skill downloads generated multimedia content and application metadata (such as cover images) from the official
runninghub.cndomain usingcurl. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: Data enters the agent context via API responses (application titles and descriptions) in
runninghub_app.py. Boundary markers: No explicit markers or instructions are used to delimit external data. Capability inventory: The skill can execute subprocesses (curl,python3) and write files to the/tmpdirectory. Sanitization: No sanitization or validation of the retrieved API metadata is performed before it is presented to the user.
Audit Metadata