Uninstaller
WarnAudited by ClawScan on May 10, 2026.
Overview
This uninstaller mostly matches its stated purpose, but its scheduler builds a host shell command from unescaped notification inputs, which could run unintended commands if given crafted values.
Install or invoke this only if you truly want to remove OpenClaw. Until the scheduler’s argument handling is fixed, avoid notification options with untrusted input and prefer no notification or a direct manual uninstall. Keep and protect the default backup if you may need your settings or credentials later, and prefer pinned or registry-based install methods over curl-to-bash.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted notification value could make the scheduler run unintended commands on the gateway host when the uninstall job is scheduled.
Notification parameters from `--notify-email`, `--notify-ntfy`, and `--notify-im` are inserted into a shell command string without escaping single quotes, then executed through `bash -c`.
for a in "${EXTRA_ARGS[@]}"; do
ARG_STR="$ARG_STR '$a'"
done
CMD="sleep $DELAY && '$UNINSTALL_SCRIPT' $ARG_STR"
...
/bin/bash -c "$CMD"Do not pass untrusted notification values. The script should build an argv-safe wrapper or escape arguments with a robust shell-quoting method such as `printf %q` instead of concatenating strings for `bash -c`.
Running the uninstall flow can remove OpenClaw state, profiles, services, global packages, and the macOS app.
The uninstall script performs irreversible file and application deletion, though it validates OpenClaw state paths and the behavior is central to the skill's stated uninstall purpose.
rm -rf "$STATE_DIR" ... rm -rf "$d" ... rm -rf /Applications/OpenClaw.app
Run it only when you intend to uninstall OpenClaw. Keep the default backup unless you are certain you do not need the data, and use `--all-profiles` only if you want every OpenClaw profile removed.
Once scheduled, the uninstall can continue without further interaction and may be harder to cancel before it runs.
The skill intentionally schedules a background one-shot uninstall that continues after the chat/session disconnects. This is disclosed and purpose-aligned, but it is autonomous after scheduling.
After confirmation, it runs automatically ... ~15 seconds later the Gateway stops and uninstall runs in the background
Require an explicit user confirmation immediately before scheduling, and avoid invoking the IM uninstall flow if the request came from an untrusted or shared channel.
The backup directory may contain API keys or login tokens and should be protected like any credential store.
The skill discloses that backups may include saved credentials, which is expected for an uninstall backup but creates sensitive local copies.
Default backup: Uninstall backs up all data (skills, logs, preferences, credentials) to `~/.openclaw-backup-YYYYMMDD-HHMMSS/` before delete.
After uninstalling, review the backup directory permissions and contents. Delete it securely if you do not need it, or store it somewhere private if you plan to reinstall.
A chosen channel or ntfy topic may receive local backup path/status information.
Optional notifications can send uninstall status or backup-location information to user-selected IM or ntfy targets.
openclaw message send --channel "$channel" --target "$rest" --message "$BACKUP_MSG" ... curl -s -d "OpenClaw uninstalled" "https://ntfy.sh/$NOTIFY_NTFY"
Use private notification targets, avoid public ntfy topics or shared channels, and omit notification options if you do not need them.
If the remote repository or branch changes or is compromised, this install command would execute whatever script is served at that time.
The README documents an unpinned remote-script install method from the GitHub `main` branch. It is user-directed, not automatic, but the downloaded script can change over time.
bash -c "$(curl -fsSL https://raw.githubusercontent.com/ERerGB/openclaw-uninstall/main/scripts/install.sh)"
Prefer `clawhub install uninstaller` or clone and inspect the repository first. If using the GitHub script, pin to a reviewed commit rather than the moving `main` branch.