Openclaw Command Center

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a disclosed local OpenClaw monitoring dashboard, but it can read sensitive agent workspace data and run local OpenClaw/system commands.

Install this only if you want a local dashboard with visibility into OpenClaw sessions, memory/state files, usage, costs, and system vitals. Keep it on localhost for personal use, enable authentication before remote or team access, and treat the dashboard as sensitive because it can reveal agent memory and operational details.

Static analysis

Dangerous exec (7 findings, each reported identically)

Critical
Finding
Shell command execution detected (child_process).

VirusTotal

64/64 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the dashboard is exposed to untrusted users, local OpenClaw commands or job-management features could affect agent operations.

Why it was flagged

The server invokes the local OpenClaw CLI. That is coherent with a Command Center dashboard, but it means the web service may exercise local agent-management tooling.

Skill content

const result = execFileSync("openclaw", buildArgs(args2), {

Recommendation

Keep the dashboard bound to localhost unless you configure token, Tailscale, Cloudflare, or allowlist authentication, and review any job-management actions before enabling remote access.

What this means

Anyone who can access the dashboard may be able to view sensitive OpenClaw memory, session, operator, cost, or topic information.

Why it was flagged

The dashboard is designed to read and display agent memory data, which may include private context, decisions, or conversation history.

Skill content

📝 **Memory Browser** | View agent memory files

Recommendation

Use the default localhost-only deployment for personal use, enable authentication for team or remote access, and avoid displaying the dashboard in public demos unless privacy controls are enabled.

What this means

Running the skill starts a local web service that continues operating until stopped.

Why it was flagged

The skill starts a local Node.js server as its normal operation. This is clearly disclosed in the install metadata and Quick Start instructions.

Skill content

command: "node lib/server.js"

Recommendation

Start it only in a trusted workspace, stop it when not needed, and configure authentication before using it for remote or team access.