warn
suspicious.destructive_delete_command
- Location
- OPENCLAW_INSTALL.md:175
- Finding
- Documentation contains a destructive delete command without an explicit confirmation gate.
1panel Skill
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.destructive_delete_command
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
ConcernHigh Confidence
ASI02: Tool Misuse and ExploitationWhat this means
A mistaken or over-broad agent action could stop services, remove containers, change file permissions, alter databases, modify firewall/SSH settings, or affect production websites.
Why it was flagged
The skill intentionally exposes broad mutating server-administration APIs to an agent, but the artifacts do not show confirmation gates, resource allowlists, path restrictions, or rollback guidance for destructive operations.
Skill content
Full access to 580+ API endpoints ... Container lifecycle (create, start, stop, restart, pause, kill, remove) ... File Operations ... delete ... Permissions (chmod, chown) ... MySQL (create, delete, bind user, change password) ... Firewall rules ... SSH management
Recommendation
Use only with explicit human approval for destructive or security-sensitive actions, and prefer a dedicated low-privilege 1Panel API key or host allowlist if 1Panel supports it.
NoteHigh Confidence
ASI03: Identity and Privilege AbuseWhat this means
Anyone or any agent process with access to the environment variable may be able to act through the configured 1Panel account.
Why it was flagged
A 1Panel API key is expected for this integration, but it is also the credential that authorizes the broad server-management actions exposed by the skill.
Skill content
export ONEPANEL_API_KEY="your-api-key" ... API key from 1Panel Dashboard → Profile → API
Recommendation
Store the API key securely, avoid sharing it across unrelated agents, rotate it if exposed, and use HTTPS and least-privilege/scoped credentials where available.
ConcernHigh Confidence
ASI07: Insecure Inter-Agent CommunicationWhat this means
An unsafe invocation could connect 1Panel AI/MCP functionality to external channels or services, potentially expanding where agent messages, tools, or server capabilities are exposed.
Why it was flagged
The API wrapper can create or operate MCP servers and update or approve external agent/channel pairings, but the artifacts do not document identity checks, origin boundaries, or approval requirements for these inter-agent connections.
Skill content
async createMCPServer(params: any) ... async updateAgentDiscordConfig(params: any) ... async approveAgentChannelPairing(params: any)
Recommendation
Manually review and approve any MCP server, AI-agent, or chat-channel configuration changes, and restrict this skill from making those changes autonomously.
NoteMedium Confidence
ASI09: Human-Agent Trust ExploitationWhat this means
Users may assume all 1Panel operations are fully implemented and safe when the included documentation is internally inconsistent.
Why it was flagged
This coverage report conflicts with other artifacts that claim full or 100% API coverage, which could cause users to over-trust the maturity or completeness of the integration.
Skill content
**整体覆盖率** | **~49%** ... 覆盖率 = 287 / 584 = 49.1%
Recommendation
Verify critical operations in a test environment and treat the coverage claims as approximate unless the maintainer clarifies which report is current.