openclaw-agent-creator
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure (SAFE): The
scripts/init_workspace.pyscript reads theSHELLenvironment variable to document the local environment inTOOLS.md. This is a low-risk, intended use of system metadata for agent context. - Indirect Prompt Injection (SAFE): The
scripts/promote_keep.pyscript implements a feature to promote specific lines to long-term memory. This creates a theoretical surface for indirect injection if the source file contains untrusted content, but it is a core functional requirement of the 'Memory as Documentation' architecture. - Ingestion points:
scripts/promote_keep.pyreads the file provided via the--dailyargument. - Boundary markers: None (uses a regex prefix match for
KEEP:). - Capability inventory: Performs local file write operations to update
MEMORY.md. - Sanitization: None; the script appends content as extracted from the source file.
- Security Feature (INFO): The
scripts/init_workspace.pyscript generates a.gitignorefile that explicitly excludes secrets and sensitive file patterns, demonstrating good security hygiene for workspace management.
Audit Metadata