Dangerous exec
Critical
- Finding
- Shell command execution detected (child_process).
OnDeckLLM
Security checks across static analysis, malware telemetry, and agentic risk
Overview
OnDeckLLM is a coherent local dashboard skill, but users should know it installs an external npm package and can read or change local LLM provider configuration.
Install this only if you trust the OnDeckLLM npm package. Before using it, understand that the dashboard can read and update your OpenClaw provider configuration and stores local settings and usage logs under ~/.ondeckllm/. Review any routing or provider changes before syncing them.
Static analysis
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
#
ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means
Installing the dashboard gives code from the npm package the ability to run locally on the user’s machine.
Why it was flagged
The skill depends on a globally installed npm package whose implementation is not included in the provided artifacts. This is disclosed and purpose-aligned, but users must trust that external package.
Skill content
Requires: Node.js 22+, OnDeckLLM installed (`npm install -g ondeckllm`).
Recommendation
Install only from the expected npm package, verify the publisher/source if possible, and keep it updated.
#
ASI05: Unexpected Code Execution
Low
What this means
Running the helper script reads the local process list to report dashboard status.
Why it was flagged
The included helper script executes a fixed local shell command to check whether the dashboard process is running. It does not take user-controlled command arguments.
Skill content
const out = execSync("ps aux | grep '[o]ndeckllm' | grep -v 'status.js'", {Recommendation
Use the helper only for local status checks; no additional action is needed based on the provided code.
#
ASI03: Identity and Privilege Abuse
Medium
What this means
Dashboard changes can alter which LLM providers and models OpenClaw uses.
Why it was flagged
The dashboard is explicitly allowed to read and modify OpenClaw provider/routing configuration, which may affect accounts, API usage, and future model selection.
Skill content
OnDeckLLM reads provider config from `~/.openclaw/openclaw.json` automatically. Changes made in the dashboard sync back to OpenClaw config.
Recommendation
Review provider and routing changes before syncing them back to OpenClaw, especially if the config contains paid API providers.
#
ASI06: Memory and Context Poisoning
Low
What this means
Local files may retain provider settings, usage history, and preferred model routing after the dashboard is closed.
Why it was flagged
The skill discloses persistent local storage for provider settings, usage/cost logs, and routing profiles that can influence future use.
Skill content
OnDeckLLM stores its data in `~/.ondeckllm/`: `config.json` — provider settings, port, Ollama URL; `usage.jsonl` — cost tracking log; `profiles/` — saved batting-order profiles
Recommendation
Review or remove ~/.ondeckllm/ data if you no longer want those settings or logs retained.