healthcheck
Warn
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a wide range of system commands (e.g.,
ss,lsof,ufw,pfctl) to audit the host's security posture and applies hardening configurations such as firewall rule changes and SSH modifications. It also explicitly offers to establish persistence by scheduling periodic security audits using theopenclaw cronutility. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes untrusted data from the host environment.
- Ingestion points: System command outputs from discovery tools like
uname,lsof, andufware read into the agent context (SKILL.md). - Boundary markers: The skill does not use delimiters or provide explicit instructions to isolate command output from the main instruction set.
- Capability inventory: The skill possesses extensive system-level capabilities in SKILL.md, including firewall management, package installation, and service configuration.
- Sanitization: No sanitization or validation of command output is performed before the agent uses the data to generate its remediation plan.
Audit Metadata