Oathe Security Badge

Is jzOcb/openclaw-infra-guard safe?

https://github.com/jzOcb/openclaw-infra-guard

Score: 66 · CAUTION

This process management skill provides legitimate functionality but accesses sensitive credential files and requires extensive system privileges beyond typical skill scope. While no malicious behavior was detected, the broad system access and credential file access present significant security concerns.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 25/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 80/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 60/100 · 5%

Findings (4)

CRITICAL Unauthorized Access to Sensitive Credential Files -75

The skill accessed multiple sensitive credential files including SSH private keys, AWS credentials, environment variables, Docker config, and GCloud credentials during installation. While files were not exfiltrated, this access exceeds the expected scope of a process management tool.

HIGH Extensive System Access Through Bash Scripts -30

The skill includes complex bash scripts (775+ lines) with broad system privileges including process management, signal handling, cron modification, filesystem operations, and network requests. This exceeds typical skill permissions.

MEDIUM Overprivileged Skill Scope -40

The skill requests system-level privileges that extend far beyond what users would expect from a process management utility, including credential file access, cron job modification, and process control across the entire system.

LOW Prescriptive Framework Requirements -15

The skill uses strong prescriptive language requiring exclusive use ('ALL long-running processes MUST go through this framework. No exceptions') which could override user preferences.