Back to plugin

Security audit

Agent Passport

Security checks across malware telemetry and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.

Install this only if you want an administrative trust layer for OpenClaw. Start in audit/warn and dry-run modes, review shell-backed install/update commands before execution, keep trust/block decisions operator-directed, protect .openclaw/agent-passport local logs, and verify whether the bundled .tgz archives are intentional. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
src/index.ts:876
Evidence
const child = spawn("/bin/sh", ["-lc", command], {

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
src/index.ts:1138
Evidence
const authorization = [REDACTED](beforeState);