healthcheck
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various system-level discovery commands (e.g., `ss`, `lsof`, `ufw status`, `pfctl`, `uname`) to assess network exposure and host configuration.
- [COMMAND_EXECUTION]: Utilizes the vendor-owned `openclaw` CLI to perform security audits, apply fixes, and manage scheduled tasks via `openclaw cron`.
- [CREDENTIALS_UNSAFE]: Accesses sensitive host security configurations, specifically evaluating SSH access methods and disk encryption status (LUKS, FileVault, BitLocker).
- [EXTERNAL_DOWNLOADS]: Checks for the latest version of the `openclaw` package using `npm view`, which involves a network request to the npm registry.
- [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection by processing external system data and command outputs without sanitization.
  - Ingestion points: Command outputs from network tools and `openclaw` security audits are used to drive the remediation workflow.
  - Boundary markers: Lacks explicit delimiters or instructions to treat ingested tool output as untrusted data.
  - Capability inventory: Possesses significant capabilities including modifying firewall rules, changing SSH configurations, and establishing persistence via cron jobs.
  - Sanitization: No evidence of sanitization or strict validation for data ingested from the host environment before it influences subsequent actions.
Audit Metadata