Security checks across malware telemetry and agentic risk
The skill is not clearly malicious, but it needs review because it auto-loads memory tools and includes under-scoped subprocess, remote embedding, and permissive approval behavior.
Install only after reviewing the auto-loaded memory tools and defaults. Disable or remove trusted-session auto-approval for write actions, keep auto-organize in dry-run mode until reviewed, avoid setting the OpenViking API key or embedding sensitive content unless third-party transfer is acceptable, and check the working-directory memory/audit-log.md behavior before relying on audit history.
### 🔐 4-Level Permission System - 🟢 **SAFE** - Read operations, no confirmation needed - 🟡 **MODERATE** - Write operations, auto-approve in trusted sessions - 🟠 **DANGEROUS** - Delete/Execute, always requires confirmation - 🔴 **DESTRUCTIVE** - Irreversible operations, explicit CONFIRM required
if (confirmMessage) {
return await (0, confirmation_dialog_1.showConfirmationDialog)(confirmMessage);
}
return true; // Auto-approve
}
//# sourceMappingURL=openclaw-adapter.js.map// Check if confirmation is required
const needsConfirm = this.getLevelScore(requiredLevel) >=
this.getLevelScore(this.requireConfirm);
// Auto-approve in trusted sessions for MODERATE operations
if (needsConfirm &&
this.trustedSessions.has(context.sessionId) &&
requiredLevel === types_1.PermissionLevel.MODERATE) {return {
allowed: true,
requiresConfirm: false,
reason: 'Auto-approved in trusted session'
};
}
// Build confirmation message if neededexports.defaultPermissionChecker = new PermissionChecker({
userLevel: types_1.PermissionLevel.MODERATE,
requireConfirm: types_1.PermissionLevel.MODERATE,
trustedSessions: ['main-session'] // Auto-approve MODERATE in main session
});
//# sourceMappingURL=permission-checker.js.maptry {
// Additional safety checks for dangerous commands
const dangerousPatterns = [
'rm -rf /',
'format',
'del /s /q',
'mkfs',try {
// Additional safety checks for dangerous commands
const dangerousPatterns = [
'rm -rf /',
'format',
'del /s /q',
'mkfs',66/66 vendors flagged this skill as clean.