Skill v1.0.1

ClawScan security

ZeroTier Remote Web Access · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 8:14 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's files and runtime instructions are consistent with its stated purpose (binding OpenClaw Gateway to a ZeroTier IP and toggling remote access), but it makes explicit insecure configuration changes and contains some coding issues you should review before running.
Guidance
This skill appears to do what it says: it will back up and modify ~/.openclaw/openclaw.json, bind the gateway to 0.0.0.0, add your ZeroTier IP to allowedOrigins, and intentionally relax authentication (allowInsecureAuth = true, dangerouslyDisableDeviceAuth = true). Those are powerful, security-reducing changes — only enable them if you fully understand the risks and trust all devices on the ZeroTier network. Before running:
1) Manually inspect the scripts (they're included) and confirm you accept the auth changes.
2) Make an independent manual backup of ~/.openclaw/openclaw.json and test recovery.
3) Do not blindly run the suggested `curl | sudo bash` installer — instead use official distribution channels or review the installer script.
4) After enabling, rotate or securely manage tokens printed by the script and restrict ZeroTier network membership to trusted devices.
5) Note there are some coding issues (use of await/import in places that may cause runtime errors); test in a safe environment before using on production systems.
If you want, I can highlight the exact lines that change authentication and show a safer recommended config alternative.

Review Dimensions

Purpose & Capability
ok: The name/description (ZeroTier remote web access) matches the implementation: scripts check ZeroTier, read/modify ~/.openclaw/openclaw.json, back up files, and restart the OpenClaw gateway. No unrelated credentials or cloud APIs are requested.
Instruction Scope
note: The SKILL.md and scripts perform file reads/writes under the user's home (~/.openclaw/openclaw.json), system commands (systemctl, zerotier-cli, ip, ss, pgrep, pkill, nohup), and modify auth-related fields (allowInsecureAuth, dangerouslyDisableDeviceAuth) and bind to 0.0.0.0. These actions are within the stated scope but have significant security implications (they deliberately relax authentication and expose services). SKILL.md also suggests installing ZeroTier via `curl | sudo bash`, which is a potentially risky installation pattern to follow blindly.
Install Mechanism
ok: This is an instruction-only skill with included scripts; there is no install spec that downloads external archives. The skill does not pull code from third-party URLs at install time. The only external installation guidance in SKILL.md is a recommendation to run ZeroTier's installer via curl, which is common but should be treated cautiously.
Credentials
ok: The skill requests no environment variables or external credentials. It reads and writes the local OpenClaw config and uses local system tools (ZeroTier CLI, systemctl). That access is proportional to the purpose of changing gateway binding and authentication.
Persistence & Privilege
ok: The skill is not always-enabled and is user-invocable. It only modifies the OpenClaw configuration in the user's home directory and restarts the gateway process; it does not alter other skills or system-wide agent settings. This is expected for its functionality.