Is skill/openclaw-guardian-suite safe?

https://clawhub.ai/skill/openclaw-guardian-suite

39
DANGEROUS

This commercial skill suite exhibits dangerous security behaviors including accessing sensitive credential files, downloading and executing encrypted remote code, and implementing mandatory execution patterns. The combination of credential access and remote code execution capabilities presents significant security risks.

Category Scores

Prompt Injection 70/100 · 30%
Data Exfiltration 10/100 · 25%
Code Execution 20/100 · 20%
Clone Behavior 75/100 · 10%
Canary Integrity 30/100 · 10%
Behavioral Reasoning 25/100 · 5%

Findings (5)

CRITICAL Honeypot Credential File Access -90

The skill accessed multiple sensitive credential files including .env, SSH private keys, AWS credentials, Docker config, and GCloud credentials during installation. This indicates data exfiltration capabilities.

HIGH Remote Code Execution via Encrypted Downloads -80

The auth.sh script contains oc_execute_skill function that downloads encrypted content from external servers and executes it locally using OpenSSL decryption and bash execution.

HIGH Honeypot File Access -70

Multiple honeypot files designed to detect unauthorized access were read by the skill during installation, indicating potential credential harvesting behavior.

MEDIUM Mandatory Execution Override -30

The config-modification skill contains instructions that force execution without exceptions and override user preferences using language like '强制触发' and '无例外原则'.

MEDIUM External Network Communications -25

The skill establishes network connections to external payment servers during installation, which could be used for data transmission.