kernel-auth
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Command Execution (SAFE): The skill executes the
kernelbinary to manage authentication connections. All user-provided arguments are double-quoted within the shell script to prevent common shell injection vulnerabilities. - Data Exposure (SAFE): The skill writes a temporary authentication URL to a local file (
~/.openclaw/workspace/.kernel-auth-url). This is the intended behavior of the skill for the user to retrieve the URL manually. - External Dependencies (SAFE): The skill requires the
kernelbinary. While this is an external dependency, the skill itself does not attempt to download or install it from untrusted sources; it assumes the binary is already present on the system.
Audit Metadata