peaq Robotics
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: peaq-robotics
Version: 0.1.7

The skill is designed with strong security controls, explicitly limiting its scope to interacting with a pre-existing peaq-robotics-ros2 environment without handling installation or value transfers. It implements robust input validation, restricts file access for `@json_file` arguments to predefined safe roots (skill folder, PEAQ_ROS2_ROOT, workspace .peaq_robot), and uses `subprocess.run` with argument lists in Python to prevent shell injection when calling `ros2` commands. No evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation was found. The SKILL.md is transparent about its capabilities and limitations, and does not contain prompt injection attempts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the agent can make persistent identity, storage, or access-control changes in the configured peaq/ROS environment.
The skill exposes commands that can create/read identity data, write/read storage, and modify access roles or permissions through ROS 2 services.
- DID create/read
- Storage add/read
- Access role/permission operations
Use the mutating commands only for explicit user requests, verify the target ROS domain and config, and review access-control changes before applying them.
Commands will act in the context of the local peaq robot configuration and any account or wallet identity that the ROS node uses.
The ROS node is started with a local peaq robot config, and the skill performs identity/access operations through that configured environment.
Config YAML exists (either:
- set `PEAQ_ROS2_CONFIG_YAML`, or
- use default `<PEAQ_ROS2_ROOT>/peaq_ros2_examples/config/peaq_robot.yaml`).
Set `PEAQ_ROS2_ROOT` and `PEAQ_ROS2_CONFIG_YAML` explicitly, verify they point to the intended account/config, and avoid exposing sensitive config files.
A compromised or unexpected local ROS workspace could affect what actually runs when the skill starts nodes.
The reviewed skill delegates core runtime behavior to local ROS packages and workspace code that are not installed or fully provenance-verified by this skill.
`peaq-robotics-ros2` workspace is already present and built.
Use only a trusted peaq-robotics-ros2 checkout/build and keep the ROS overlay environment under user control.
Sensitive data could be stored unintentionally, and retrieved JSON should not be blindly treated as trusted instructions.
The skill can write and later read JSON data through the storage service, including data that might be reused as agent state.
"Read my DID, store this JSON as `agent_state`, then read it back."
Avoid storing secrets, clearly label stored state, and treat data read back from storage as untrusted unless the user verifies it.
ROS 2 nodes may remain active until stopped, potentially continuing to interact with the configured robot/peaq environment.
Start commands launch ROS 2 nodes in the background and store PID/log files, so processes can continue after the initial command returns.
`nohup "$@" >"$LOG_DIR/$name.log" 2>&1 &`
Use the provided stop commands when finished and check the PID/log directories if behavior is unexpected.
