openclaw-helper
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is explicitly designed to execute commands using the
openclawCLI tool, such asopenclaw doctor,openclaw logs, andopenclaw config set, to diagnose and fix system issues. - [DATA_EXFILTRATION]: The skill enables the agent to read system configurations and logs via
openclaw config getandopenclaw logs, which may contain sensitive data, API keys, or credentials stored within the tool's environment. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is instructed to follow instructions from documentation and troubleshooting logs.
- Ingestion points: Documentation files listed in
references/docs-index.mdand troubleshooting history inreferences/experience.md. - Boundary markers: Absent; the skill lacks specific markers or instructions to treat documentation content as untrusted or to ignore embedded commands.
- Capability inventory: The agent has control over the OpenClaw environment through the CLI, including state inspection and configuration modification.
- Sanitization: Absent; the skill does not perform any validation or filtering of content from the documentation files before processing it.
Audit Metadata