openclaw-test-performance
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands such as pnpm test, pnpm check, and pnpm build to evaluate and verify code changes.
- [COMMAND_EXECUTION]: Utilizes a local script scripts/committer to automate the process of committing and pushing performance-related updates to a remote repository.
- [PROMPT_INJECTION]: The skill's workflow involves reading multiple markdown files (AGENTS.md) located across the project structure to gather context for its tasks. This represents a surface for indirect prompt injection.
  - Ingestion points: src/agents/AGENTS.md, src/channels/AGENTS.md, src/plugins/AGENTS.md, src/gateway/AGENTS.md, test/helpers/AGENTS.md, test/helpers/channels/AGENTS.md, src/infra/outbound/AGENTS.md.
  - Boundary markers: The skill does not implement delimiters or ignore-instructions markers when processing these files.
  - Capability inventory: Includes shell execution, file system modifications, and automated git push capabilities.
  - Sanitization: No evidence of sanitization or content validation for the read files.
- [DATA_EXFILTRATION]: The ability to push changes to a remote repository via scripts/committer could be exploited to exfiltrate sensitive data if the agent is manipulated into staging unauthorized files.
- [EXTERNAL_DOWNLOADS]: Fetches dependencies from the official npm registry using pnpm install when required by the environment.
Audit Metadata