Abaddon
Audited by ClawScan on May 10, 2026.
Overview
Abaddon is a coherent security-audit skill, but it can run nightly, inspect credential-like data, and save or send findings without clear redaction controls.
Install only if you want a persistent red-team audit mode. Before enabling the cron job, confirm where reports and Telegram alerts go, add redaction for any secret values, and review or disable the nightly job if you only want manual scans.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
API keys, tokens, or other secrets could be discovered during the scan and become part of the agent's report or context.
The skill explicitly instructs the agent to inspect credential-bearing locations and profile/config data. That matches the audit purpose, but it is high-impact local credential access and the artifacts do not clearly bound which values may be read or recorded.
Keys in Keychain or flat files? ... Keys leaking through env vars? ... Secrets in git history? ... Hardcoded tokens in .zshrc?
Require explicit user approval for credential scans, declare the sensitive access clearly, and redact secret values by default.
Credential-like strings or sensitive file paths could be stored in audit memory and later exposed to users, agents, backups, or sync processes that can read that memory.
The prompt combines secret-pattern searches with instructions to save exact command output and evidence into persistent audit memory, with no redaction or retention guidance.
Plaintext key scan: `grep -r "sk-\|xai-\|Bearer\|api_key" ~/.openclaw/workspace/ ...` ... `Full format — exact commands run, evidence captured... Save to: memory/audits/abaddon-YYYY-MM-DD.md`
Store only redacted findings, file paths, and line numbers; avoid saving raw secret values; protect the audit directory; and add retention or cleanup guidance.
Sensitive security findings could be posted to a chat destination with unclear membership or retention.
The scheduled job can send security findings to Telegram, an external delivery channel, but the artifacts do not define recipient validation, redaction rules, or what details may be included in alerts.
CRITICAL findings: send immediate Telegram alert. Save technical report to memory/audits/abaddon-YYYY-MM-DD.md. Post summary with grade to Telegram Security topic.
Make Telegram delivery opt-in, validate the destination, and ensure alerts contain redacted summaries rather than raw secrets or detailed exploit evidence.
After setup, the agent can run the audit every night without another manual prompt.
The setup script creates an enabled nightly autonomous agent turn. This is disclosed and aligned with the stated nightly audit purpose, but it is persistent behavior.
`"enabled": True, ... "expr": "45 3 * * *", ... "wakeMode": "now", ... "payload": { "kind": "agentTurn"`
Review `~/.openclaw/cron/jobs.json` after installation and disable or remove the Abaddon job if nightly scans are not desired.
The scan can collect detailed local environment information and command output.
The skill directs the agent to run multiple local diagnostic commands. These are expected for a security audit, but they read system, workspace, and dependency state.
`lsof -iTCP -sTCP:LISTEN` ... `systemsetup -getremotelogin` ... `git -C ~/.openclaw/workspace log -p --all` ... `brew outdated` ... `npm outdated -g`
Run it only on systems you administer, and review the report for sensitive data before sharing it.
Users have less provenance information to rely on before running the setup script.
The registry metadata provides limited provenance and no formal install spec, while the artifact includes a setup script that modifies OpenClaw cron configuration.
Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill ... 1 code file(s): setup/cron-seed.sh
Inspect the included files before installation and prefer a version with clear source, homepage, and install metadata.
