openclaw-deploy

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] The deployment approach can be legitimate for automation but exhibits high-risk patterns: an unpinned remote installer, broad credential handling, and extensive persistent configuration. Without stronger integrity checks, scoped access, and minimized credential exposure, the tool presents substantial supply-chain and host-compromise risk. Recommend hardening: pin install sources and verify checksums, avoid storing sensitive tokens plaintext on remote hosts, implement per-operation scopes, use signed artifacts, and clearly separate deployment from runtime credential management. LLM verification: SUSPICIOUS to HIGH-RISK. The deployment pattern combines remote installer execution, credential handling, and broad system/service alterations, creating substantial supply-chain and runtime risk. To improve safety, enforce installer integrity through signing/hashes, adopt secrets vaults or environment-scoped credentials, implement least-privilege execution, add robust auditing/logging, and avoid persistent storage of sensitive data in plaintext JSON without encryption. Consider a staged, signed