openclaw-gateway
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed exclusively of informational markdown files and configuration metadata, with no active scripts or binary executables.
- [COMMAND_EXECUTION]: The documentation describes the functionality of the 'exec' and 'process' tools within the OpenClaw Gateway, which allow for shell command execution and background task management. These are documented core features of the tool and are presented for informational purposes.
- [PROMPT_INJECTION]: The skill utilizes local documentation files to answer user queries, which represents a surface for indirect prompt injection.
- Ingestion points: Internal markdown files located in 'references/en/gateway/'.
- Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are present in the processing instructions.
- Capability inventory: The documented software supports high-privilege operations including 'exec', 'write', and 'apply_patch'.
- Sanitization: No sanitization or validation is applied to the documentation content before processing.
Audit Metadata