privilege_escalation
Privilege escalation attempt
Line 1203Snippets
error " sudo apt install git # Debian/Ubuntu" error " sudo dnf install git # Fedora/RHEL" error " sudo pacman -S git # Arch" chmod +x "${fake_home}/.bun/bin/bun" chmod +x "${fake_home}/.local/bin/uv"install_script
Third-party install script executed on the fly
Third-party install script executed on the fly
Line 11Snippets
curl -fsSL https://install.cmem.ai/openclaw.sh | bashcurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --provider=gemini --api-key=YOUR_KEYcurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --non-interactivecurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --upgradecurl -fsSL https://bun.sh/install | bashfs_write
Filesystem write access
Filesystem write access
Line 1171Snippets
rm -rf "$dir" rm -rf "$existing_plugin_dir" require('fs').writeFileSync(process.env.INSTALLER_PACKAGE_DIR + '/package.json', JSON.stringify(pkg, null, 2)); fs.writeFileSync(configPath, JSON.stringify(config, null, 2)); fs.writeFileSync(configPath, JSON.stringify(config, null, 2));self_modifying_code
Write to executable or config file
Write to executable or config file
Line 1790Snippets
require('fs').writeFileSync(process.env.INSTALLER_PACKAGE_DIR + '/package.json', JSON.stringify(pkg, null, 2));network_call
Outbound network call
Outbound network call
Line 11Snippets
curl -fsSL https://install.cmem.ai/openclaw.sh | bashcurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --provider=gemini --api-key=YOUR_KEYcurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --non-interactivecurl -fsSL https://install.cmem.ai/openclaw.sh | bash -s -- --upgradecurl -fsSL https://bun.sh/install | bashhardcoded_secret
Potentially hardcoded secret
Potentially hardcoded secret
Line 1074Snippets
CLI_API_KEY="${1#--api-key=}" AI_PROVIDER_API_KEY="${CLI_API_KEY}" AI_PROVIDER_API_KEY="${CLI_API_KEY}" INSTALLER_AI_API_KEY="$AI_PROVIDER_API_KEY" \ AI_PROVIDER_API_KEY="test-gemini-key-1234"dynamic_import
Suspicious dynamic import
Suspicious dynamic import
Line 1790Snippets
require('fs').writeFileSync(process.env.INSTALLER_PACKAGE_DIR + '/package.json', JSON.stringify(pkg, null, 2));fs_read
Filesystem read access
Filesystem read access
Line 1804Snippets
const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8')); const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); let existing = JSON.parse(fs.readFileSync(settingsPath, 'utf8'));env_access
Environment variable access
Environment variable access
Line 1331Snippets
data = json.loads(os.environ['INSTALLER_HEALTH_JSON']) const data = JSON.parse(process.env.INSTALLER_HEALTH_JSON); require('fs').writeFileSync(process.env.INSTALLER_PACKAGE_DIR + '/package.json', JSON.stringify(pkg, null, 2)); const configPath = process.env.INSTALLER_CONFIG_FILE; const configPath = process.env.INSTALLER_CONFIG_FILE;Trust Score
Updated letzte Woche
Analysiert
31.03.2026, 15:58
+ 2 previous scans
Kompatibel mit
Skill details
Updated letzte Woche
Analysiert 31.03.2026, 15:58
Beschreibung
Skill openclaw
Letzte Scans
31.03.2026, 15:58
Latest analysis
31.03.2026, 15:13
Run 2
27.03.2026, 15:53
Run 1