ClawBridge
Warn
Audited by ClawScan on May 10, 2026.
Overview
ClawBridge is a disclosed dashboard, but it asks you to run an unreviewed remote installer that creates a persistent service and optional internet-accessible control surface for agent activity and cron tasks.
Treat this as a high-impact install. Before using it, review the upstream GitHub installer and application code, avoid enabling the Cloudflare tunnel unless necessary, protect the generated access key, and make sure you know how to stop and disable the systemd service.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill runs code that can change after publication and is not visible in the reviewed package.
The installation and update path executes a mutable remote script from GitHub directly in the shell, while the submitted artifact set contains no installer or application code for review.
curl -sL https://raw.githubusercontent.com/dreamwing/clawbridge/master/install.sh | bash
Only install after reviewing the upstream installer and repository; prefer a pinned release, checksum verification, and included install files.
A dashboard login or exposed remote endpoint could start agent automations with effects outside the dashboard itself.
The dashboard can initiate OpenClaw cron tasks remotely, but the artifacts do not define which tasks can be triggered, what confirmation is required, or how actions are audited or limited.
🚀 **Mission Control**: Trigger cron jobs manually from your phone.
Use only with tightly scoped cron tasks, strong authentication, and clear per-action confirmation/audit controls.
The dashboard may remain active and reachable until explicitly stopped or disabled, especially if remote tunneling is enabled.
The skill creates a persistent background service that continues operating after installation and restarts automatically.
Registers a user-level systemd service (clawbridge.service) that auto-starts on login and restarts on failure.
Confirm you want a persistent service before installing; know how to stop, disable, and uninstall it, and revoke any tunnel credentials when no longer needed.
Agent prompts, outputs, reasoning traces, costs, and control actions may become accessible over a remote dashboard if credentials or tunnel URLs are mishandled.
Sensitive live agent activity and controls can be exposed through a web dashboard and optional third-party tunnel, but the artifacts do not fully specify origin restrictions, session lifetime, authorization scope, or revocation behavior.
Watch agent execution and thinking in real-time via WebSocket. ... Optionally creates an outbound-only Cloudflare tunnel for remote access.
Avoid enabling remote access unless needed; use strong unique keys, restrict tunnel access, and review what data the dashboard streams.
Local dashboard data could reveal what agents did, how much they cost, or potentially sensitive task context.
The skill persists monitoring data locally, which is expected for a dashboard but may include sensitive agent activity or usage information.
Stores local agent log and token usage analytics.
Review the data directory, retention behavior, and access permissions before using it with sensitive agent work.
Anyone with the access key or tunnel credentials may be able to reach or administer the dashboard depending on the implementation.
The skill uses a generated dashboard access key and may use a Cloudflare tunnel token; these are purpose-aligned but grant access to the dashboard or tunnel.
ACCESS_KEY ... required to authenticate dashboard logins ... TUNNEL_TOKEN ... Cloudflare Tunnel token for a permanent named tunnel.
Keep the generated access key private, do not share tunnel URLs broadly, and rotate or revoke credentials if exposed.
