minecraft-server-admin

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill matches its stated Minecraft RCON admin purpose, but it gives the agent powerful server-console access, so use it only for servers you control.

Install this only for Minecraft servers you control. Protect the RCON password like an admin credential, keep RCON network access restricted, and carefully review high-impact commands such as op, ban, fill, kill, stop, and save-off before confirming.

Static analysis

Exposed secret literal (Critical)

Finding: File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation (Medium)
What this means

If the agent or user sends the wrong command, it can make immediate changes to the Minecraft server.

Why it was flagged

The helper forwards the supplied command directly to the configured Minecraft RCON console. This is central to the skill, but RCON commands can ban players, grant operator privileges, change world state, or stop the server.

Skill content:

const command = args.join(' ');
rconExec(command)

Recommendation

Use the documented confirmation flow for destructive commands, review the exact command before approval, and consider adding command allowlists or runtime confirmation checks for high-risk commands.

ASI03: Identity and Privilege Abuse (Medium)
What this means

Anyone, and any agent action, that holds this credential can administer the configured Minecraft server.

Why it was flagged

The skill uses an RCON password from the environment to authenticate to the server. That credential is expected, but it effectively grants console-level Minecraft administration.

Skill content:

password: process.env.MC_RCON_PASSWORD || ''

Recommendation

Use a strong RCON password, keep RCON firewalled or bound to trusted networks, and rotate the password if you suspect exposure.

ASI04: Agentic Supply Chain Vulnerabilities (Low)
What this means

An unpinned dependency can change over time, which may affect reproducibility or supply-chain review.

Why it was flagged

The install mechanism pulls an npm package for RCON support. This is purpose-aligned, but the provided install specification does not pin a package version.

Skill content:

node | package: rcon-client

Recommendation

Prefer a pinned dependency version or verify the installed package before use.

ASI06: Memory and Context Poisoning (Low)
What this means

Player names, moderation actions, and server administration history may persist beyond the current session.

Why it was flagged

The skill intentionally stores operation records in persistent OpenClaw Memory, including command and result details.

Skill content:

**Audit logging**: After each operation, append to OpenClaw Memory

Recommendation

Review what is stored in memory, avoid including secrets in commands or reasons, and clear audit memory if it should not be retained.