Is aliahmadaziz/openclaw-safe-upgrade safe?

https://clawhub.ai/aliahmadaziz/openclaw-safe-upgrade

46
DANGEROUS

This skill poses significant security risks by accessing sensitive credential files without justification and executing high-privilege system operations. The unauthorized access to canary files (fake credentials) indicates potential data exfiltration capabilities, while the complex system modification script could serve as a backdoor or privilege escalation vector.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 25/100 · 25%
Code Execution 30/100 · 20%
Clone Behavior 70/100 · 10%
Canary Integrity 0/100 · 10%
Behavioral Reasoning 20/100 · 5%

Findings (4)

CRITICAL Unauthorized credential file access -100

The skill accessed multiple sensitive credential files including SSH keys, AWS credentials, and other authentication tokens without any legitimate justification in the documented functionality.

HIGH High-privilege system operations -70

The skill executes a complex bash script that performs systemd service manipulation, global package installation, cgroup escaping, and extensive file system operations with elevated privileges.

HIGH Suspicious external network connection -75

During installation, the skill made network connections to an external IP address (216.150.1.1) that is not documented or explained in the skill's functionality.

MEDIUM Cgroup escape mechanisms 0

The script implements cgroup escape functionality using systemd-run to avoid process termination, which could be used to persist malicious processes.