v1.0.0

Mission Control

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:28 AM.

Analysis

Mission Control appears purpose-aligned as an OpenClaw dashboard, but it would run an external Node app that auto-uses your OpenClaw gateway token and can change agent jobs and settings.

Guidance: Review the GitHub source and dependencies at a pinned commit before installing. Keep the dashboard local-only, avoid enabling the systemd service until you trust it, use least-privilege or revocable tokens where possible, and be careful with cron, configuration, and session-history access.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
| **Cron Monitor** | Toggle, run, create, delete scheduled jobs visually |

The dashboard exposes direct mutation of scheduled agent jobs. The artifact does not describe confirmation, audit, rollback, or scoping safeguards for these high-impact actions.

User impact: A mistake, unauthorized UI access, or unsafe dashboard behavior could run, alter, or delete scheduled agent work.
Recommendation: Verify that cron and configuration changes require clear user confirmation, are logged, and are restricted to trusted local users before enabling the dashboard.

Agentic Supply Chain Vulnerabilities
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
git clone https://github.com/Jzineldin/mission-control.git ... npm install ... node server.js

The skill is instruction-only but directs installation and execution of an external Node project and dependencies. This provenance gap is material because the same app is expected to read the OpenClaw gateway token and control the agent.

User impact: Installing it runs code outside the provided artifact with access to sensitive agent control credentials.
Recommendation: Review the GitHub repository, service file, package files, and dependency lockfile at a pinned commit before running npm install or starting the server.

Rogue Agents
Severity: Low, Confidence: High, Status: Note
SKILL.md
sudo cp mission-control.service /etc/systemd/system/ ... sudo systemctl enable --now mission-control

The optional production path installs a persistent systemd service. It is disclosed, but it keeps the dashboard running beyond the initial setup session.

User impact: The web control surface may remain active across reboots if enabled.
Recommendation: Only enable the service after review, restrict its OS user and network binding, and know how to disable it with systemctl.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High, Confidence: High, Status: Concern
SKILL.md
Auto-detected from your OpenClaw setup:
- Gateway token from `~/.openclaw/openclaw.json`

The skill says the dashboard reads a local OpenClaw gateway token, while the registry metadata declares no credential or required config path. That token likely grants control over the user's OpenClaw agent.

User impact: The dashboard, and the external code it runs, could act through the user's OpenClaw gateway with the user's agent privileges.
Recommendation: Install only after reviewing the source, keep the dashboard bound to localhost, use a revocable or least-privilege gateway token if available, and ensure the credential path is explicitly documented.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium, Confidence: High, Status: Note
SKILL.md
| **Conversations** | Browse all sessions, view history, continue conversations |

The dashboard can access and continue prior OpenClaw sessions, which may contain private context or old instructions that could influence future work.

User impact: Anyone with dashboard access could view private agent history or resume conversations with stale or sensitive context.
Recommendation: Restrict dashboard access, review histories before continuing sessions, and configure retention or deletion policies where possible.