Skillv0.10.0

Static analysis security

Everclaw — Inference You Own · Deterministic local checks for risky code patterns and metadata mismatches.

SuspiciousApr 30, 2026, 4:58 AM

Summary: Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.install_untrusted_source (+2 more)
Reason codes: suspicious.dangerous_execsuspicious.env_credential_accesssuspicious.install_untrusted_sourcesuspicious.potential_exfiltrationsuspicious.prompt_injection_instructions
Engine: v2.4.5

criticalscripts/bootstrap-everclaw.mjs:154

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/bootstrap-gateway.mjs:98

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/coingecko-x402.mjs:28

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/everclaw-deps.mjs:212

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/everclaw-wallet.mjs:54

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/setup.mjs:202

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/x402-client.mjs:88

Shell command execution detected (child_process).

suspicious.dangerous_exec

criticalscripts/coingecko-x402.mjs:35

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/morpheus-proxy.mjs:21

Environment variable access combined with network send.

suspicious.env_credential_access

criticalscripts/x402-client.mjs:46

Environment variable access combined with network send.

suspicious.env_credential_access

warntemplates/flavors/morpheusclaw/cron-jobs.json:22

Install source points to URL shortener or raw IP.

suspicious.install_untrusted_source

warntemplates/openclaw-config-linux.json:49

Install source points to URL shortener or raw IP.

suspicious.install_untrusted_source

warntemplates/openclaw-config-mac.json:47

Install source points to URL shortener or raw IP.

suspicious.install_untrusted_source

warnscripts/morpheus-proxy.mjs:84

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnscripts/x402-client.mjs:113

File read combined with network send (possible exfiltration).

suspicious.potential_exfiltration

warnprompt-guard/blog/how-i-secured-my-ai-agent.md:12

Prompt-injection style instruction pattern detected.

suspicious.prompt_injection_instructions

warnprompt-guard/README.md:34

Prompt-injection style instruction pattern detected.

suspicious.prompt_injection_instructions

warnprompt-guard/SKILL.md:30

Prompt-injection style instruction pattern detected.

suspicious.prompt_injection_instructions