ding
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate utility for the OpenClaw platform and implements security measures such as self-contact prevention to avoid message loops.
- [COMMAND_EXECUTION]: The skill uses local Node.js scripts to process configuration and resolve sessions. These scripts use
child_process.spawnSyncwith argument arrays, which is a secure way to execute local sub-processes without risk of shell injection. - [SAFE]: The skill reads from
~/.openclaw/openclaw.jsonto obtain metadata about agents and their bindings. This access is necessary for the skill's functionality and does not involve unauthorized data exposure or exfiltration.
Audit Metadata