OpenClaw Windows WSL2 Install Guide

Security checks across malware telemetry and agentic risk

Overview

This is a coherent OpenClaw WSL install guide, but it includes several broad security and privilege changes that users should review carefully before following.

Review and modify the instructions before installing:
  • Do not add the blanket passwordless sudo rule; keep standard sudo authentication and, if the install needs root for specific commands, grant only those commands.
  • Download any installer to disk and verify it (checksum or signature obtained from the publisher, then read through it) before running it, instead of piping it straight into a shell.
  • Restrict the firewall rule to the sources that need it, or skip it entirely unless remote access to the service is actually required.
  • Do not disable antivirus or Core Isolation except as a last-resort, temporary troubleshooting step you fully understand, and re-enable it afterwards.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Severity: Medium
Confidence: 98%
Finding
The guide explicitly tells users to add `openclaw ALL=(ALL) NOPASSWD: ALL` to `/etc/sudoers`, granting passwordless root access for all commands. In an installation guide, this is unnecessary and materially weakens local privilege boundaries: any process running as that user can immediately execute arbitrary commands as root without re-authentication.

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding
The guide creates a Windows Firewall allow rule for inbound TCP port 18789 without constraining the remote address scope or the firewall profile, and without warning that this may expose the OpenClaw service to other hosts on the network. For a documentation skill, opening inbound access is a privileged system change with broader exposure than basic installation steps justify.

Context-Inappropriate Capability

Severity: High
Confidence: 96%
Finding
The troubleshooting advice recommends disabling third-party antivirus and Windows Defender Core Isolation/Memory Integrity to work around installation issues. Disabling endpoint protections reduces host security posture and can enable unrelated malware execution or kernel-level attack paths, especially on a machine that is also being instructed to download and run software from the internet.

Missing User Warnings

Severity: Medium
Confidence: 99%
Finding
Adding a blanket passwordless sudo rule is dangerous even if intended for convenience, and the guide does not adequately warn users about the permanent privilege-escalation implications. In this context, the omission is especially risky because the same guide later has users run downloaded software and startup commands in that environment.
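The two sudoers findings above describe the same rule. The following added example (not code from the guide or from OpenClaw) shows how to detect that blanket rule in a sudoers fragment and how to emit a narrowed replacement that keeps password authentication. The command list passed to `narrow_rule` and the use of a drop-in file under `/etc/sudoers.d/` are assumptions; substitute the few commands the install actually needs.

```shell
#!/usr/bin/env bash
# Added example, not the guide's code: detect the blanket passwordless rule
# the guide adds and emit a narrowed replacement that still prompts for a
# password. The command list used below is an assumption; replace it with
# the commands the install actually needs.
set -euo pipefail

# Reproduction of the rule the guide tells users to add (from the finding).
WEAK_RULE='openclaw ALL=(ALL) NOPASSWD: ALL'

# audit_sudoers FILE: return 1 if any uncommented line grants NOPASSWD on
# ALL commands, 0 otherwise. Only the exact "NOPASSWD: ALL" shape is matched;
# a scoped rule such as "NOPASSWD: /usr/bin/apt-get" passes.
audit_sudoers() {
  local file="$1"
  if grep -Ev '^[[:space:]]*#' "$file" \
     | grep -Eq 'NOPASSWD:[[:space:]]*ALL[[:space:]]*$'; then
    return 1
  fi
  return 0
}

# narrow_rule USER CMD...: print a sudoers line that lets USER run only the
# listed absolute command paths as root, with normal password authentication.
narrow_rule() {
  local user="$1"; shift
  local cmds
  cmds="$(printf '%s, ' "$@")"
  cmds="${cmds%, }"            # drop the trailing separator
  printf '%s ALL=(ALL) %s\n' "$user" "$cmds"
}

# Intended workflow on the WSL instance (assumption: a drop-in file is used
# instead of editing /etc/sudoers directly):
#   narrow_rule openclaw /usr/bin/apt-get /usr/bin/systemctl \
#     | sudo tee /etc/sudoers.d/openclaw >/dev/null
#   sudo chmod 0440 /etc/sudoers.d/openclaw
#   sudo visudo -cf /etc/sudoers.d/openclaw   # syntax check before relying on it
#   audit_sudoers /etc/sudoers.d/openclaw
```

Run `audit_sudoers` against every file under `/etc/sudoers.d/` as well as `/etc/sudoers` itself; the check is deliberately narrow and will not catch more exotic shapes such as a `Cmnd_Alias` that expands to everything, so it complements rather than replaces reading the file.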

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The firewall rule opens an inbound port but does not clearly warn that a listening service may become reachable from the network. How far it is reachable depends on the WSL2 networking mode (in the default NAT mode the service is exposed to other hosts only if the port is also forwarded to the WSL instance; in mirrored mode the WSL service shares the host's interfaces and the rule applies directly) and on which firewall profile the rule is attached to. Users may assume this is harmless installation plumbing when it actually changes host exposure.

Missing User Warnings

Severity: High
Confidence: 99%
Finding
`curl -fsSL https://molt.bot/install.sh | bash` downloads and immediately executes remote code with no integrity verification, review step, pinning, or provenance validation. This is one of the highest-risk patterns in install guides because compromise of the endpoint, DNS, TLS trust, or upstream script directly yields arbitrary code execution on the user's system.
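As an added example of the alternative this finding calls for (not code from the guide or from OpenClaw), the shell functions below split `curl ... | bash` into download, digest verification, review, and execution as separate steps. The installer URL is the one quoted in the finding; the digest that `run_verified` compares against is assumed to come from the publisher over a channel independent of the download endpoint (a release page or signed manifest), which this example cannot supply.

```shell
#!/usr/bin/env bash
# Added example, not the guide's code: replace `curl ... | bash` with
# download -> pin -> verify -> review -> run. The published digest must be
# obtained out of band; the comparison below is only as good as its source.
set -euo pipefail

INSTALLER_URL='https://molt.bot/install.sh'   # URL quoted in the finding

# sha256_of FILE: print the hex SHA-256 digest of FILE (sha256sum or shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_sha256 FILE EXPECTED: return 0 only if FILE's digest equals EXPECTED
# (hex, case-insensitive).
verify_sha256() {
  local actual expected
  actual="$(sha256_of "$1")"
  expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
  [ "$actual" = "$expected" ]
}

# download URL OUT: fetch to disk with HTTPS enforced (no downgrade via
# redirect), a modern TLS floor, and a hard failure on HTTP errors.
download() {
  curl --fail --silent --show-error --location --proto '=https' --tlsv1.2 \
       --output "$2" "$1"
}

# run_verified FILE EXPECTED: execute FILE with bash only if its digest
# matches EXPECTED; otherwise refuse and return 1.
run_verified() {
  if ! verify_sha256 "$1" "$2"; then
    echo "refusing to run $1: digest mismatch" >&2
    return 1
  fi
  bash "$1"
}

# Intended use (needs network; PUBLISHED_SHA256 is the out-of-band digest):
#   download "$INSTALLER_URL" install.sh
#   verify_sha256 install.sh "$PUBLISHED_SHA256"
#   less install.sh                     # read what will run as your user
#   run_verified install.sh "$PUBLISHED_SHA256"
```

If the publisher only offers a digest on the same server that serves the script, verification still pins the exact bytes you reviewed and blocks a later swap, but it does not protect against that server being compromised; a detached signature checked against a key obtained elsewhere is the stronger form of the same step.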

VirusTotal

64/64 vendors reported no detections for this skill. A clean result here means the file does not match known malware signatures; it does not assess the effect of following the instructions it contains, which is what the findings above cover.
