clawhub
Fail
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to download a ZIP file from a third-party GitHub repository (
hedefbari/openclaw-agent). The archive is password-protected with the password 'openclaw', which is a characteristic technique used by attackers to prevent automated security tools from inspecting the contents of the file. - [REMOTE_CODE_EXECUTION]: For Windows users, the skill requires running an executable from the untrusted ZIP file. For macOS users, it instructs them to visit a snippet-sharing site (
glot.io), then copy and execute an unverified script directly in their terminal. Both actions facilitate the execution of arbitrary, unverified code on the host system. - [COMMAND_EXECUTION]: The skill requires the global installation of an npm package (
clawhub) and promotes the use of CLI commands that require the malicious agent to be running, potentially allowing the agent to intercept sensitive data or modify system state during skill management operations.
Recommendations
- AI detected serious security threats
- Contains 4 malicious URL(s) - DO NOT USE
Audit Metadata