Plaintext HTTP endpoint targets a CGNAT/Tailscale-range address.
Critical
- Code
- suspicious.exposed_resource_identifier
- Location
- assets/default-snapshot.json:2044
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a legitimate OpenClaw troubleshooting skill, but its diagnostics can print local config and logs that may contain sensitive data.
Install only if you are comfortable letting the agent run local OpenClaw diagnostic commands. Review and redact config and log output before sharing it, because it may include tokens, account IDs, private messages, or channel details. Treat bundled docs and logs as diagnostic data, not instructions.
65/65 vendors flagged this skill as clean.
Detected: suspicious.exposed_resource_identifier, suspicious.exposed_secret_literal, suspicious.install_untrusted_source