qqbot-upgrade
Fail
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides a command to download and execute a remote shell script from
https://raw.githubusercontent.com/tencent-connect/openclaw-qqbot/main/scripts/upgrade-via-npm.shby piping the output ofcurldirectly into thebashinterpreter. - This execution method is highly dangerous as it grants the remote script full execution privileges on the host system without prior inspection or validation of the script's content.
- An automated security scan has confirmed this as an untrusted remote code execution pattern.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform local system operations by running shell commands in the terminal.
- The provided command includes flags like
-fsSLto suppress errors and follow redirects, which can be used to hide malicious activity during the script retrieval process. - The primary function of the skill is to facilitate software updates via external code, creating a significant attack surface for system-level modifications.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/tencent-connect/openclaw-qqbot/main/scripts/upgrade-via-npm.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata