Oathe Security Badge

Is JonathanJing/openclaw-dashboard safe?

https://clawhub.ai/JonathanJing/openclaw-dashboard

86
SAFE

OpenClaw Dashboard is a legitimate monitoring and management tool for OpenClaw installations. While it has extensive data access and execution capabilities, these are clearly documented, secured with appropriate controls, and necessary for dashboard functionality. The skill follows good security practices with opt-in sensitive operations and proper access restrictions.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 80/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 85/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

MEDIUM Broad OpenClaw data access -20

The skill accesses extensive OpenClaw operational data including sessions, configurations, cron jobs, and workspace files. While documented and legitimate for dashboard functionality, this represents significant data access privileges.

MEDIUM Optional privileged operations -25

The skill includes environment flags that can enable sensitive operations like loading keys, accessing provider APIs, and system restarts. These are opt-in but represent elevated privileges.

LOW HTTP server with file operations -10

The skill runs a full Node.js HTTP server with filesystem access, child process execution, and network connectivity. Necessary for dashboard functionality but represents significant execution capabilities.