security-triage
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Utilizes project maintenance tools including `gh`, `git`, and `npm` to automate the verification of security advisories, tags, and commits within the OpenClaw repository.
- [COMMAND_EXECUTION]: Employs `pbcopy` to assist the user in copying the final maintainer response to the system clipboard.
- [SAFE]: Uses `$(mktemp)` for the `--userconfig` flag in `npm view` commands, which is a security best practice to prevent reading or modifying the user's global `.npmrc` file during automated lookups.
Audit Metadata