ClawStatus
Security checks across static analysis, malware telemetry, and agentic risk
Overview
ClawStatus appears to be a legitimate OpenClaw monitoring dashboard, but its documented default exposes session, model, and token-usage information on all network interfaces without documented access controls.
Use this only on a trusted host. Prefer running it as `clawstatus --host 127.0.0.1 --port 8900 --no-debug`, or put it behind a firewall, VPN, or authenticated reverse proxy before exposing it on 0.0.0.0. Install in a controlled Python environment and run it as a low-privilege user.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can reach the host and port may be able to view OpenClaw operational activity if the user does not add separate firewall, VPN, or reverse-proxy protections.
The documented command binds the dashboard to all network interfaces while the dashboard displays OpenClaw session, model, and token-usage information. The provided artifacts do not document authentication or network access restrictions.
- Session management with statistics
- Model overview and configuration display
- 15-day token usage analytics
...
```
clawstatus --host 0.0.0.0 --port 8900 --no-debug
```
Prefer binding to 127.0.0.1 by default, or place the dashboard behind authentication and firewall rules before using --host 0.0.0.0.
The dashboard can reveal local OpenClaw configuration, agent, cron, and run-state information to whoever can access it.
The dashboard reads local OpenClaw configuration and runtime state from the user's home directory. That is expected for a status dashboard, but it means the app runs with visibility into the user's OpenClaw environment.
```python
OPENCLAW_CONFIG = OPENCLAW_DIR / "openclaw.json"
AGENTS_DIR = OPENCLAW_DIR / "agents"
CRON_JOBS_PATH = OPENCLAW_DIR / "cron" / "jobs.json"
SUBAGENT_RUNS_PATH = OPENCLAW_DIR / "subagents" / "runs.json"
```
Run it under a low-privilege trusted user account and expose the dashboard only to users who should see this operational data.
If OPENCLAW_BIN or PATH points to an unexpected binary, the dashboard would execute that binary with the user's permissions.
The app invokes the local OpenClaw CLI to collect status. The visible arguments are fixed and purpose-aligned, but users should know that the dashboard runs a local command under their account.
```python
attempts = [([openclaw_bin, "status", "--json"], 20)]
...
subprocess.run(cmd, capture_output=True, text=True, timeout=timeout_sec, check=False)
```
Use a trusted OpenClaw binary path, keep PATH controlled, and run the service as a non-privileged user.
Installing the package can add or upgrade Python dependencies and create a user-level executable.
The editable pip install registers a console command and installs web-server dependencies with broad version ranges. This is normal for a Flask dashboard, but it relies on the user's Python package supply chain.
```python
install_requires=[
    "flask>=2.0",
    "waitress>=2.0",
],
entry_points={
    "console_scripts": [
        "clawstatus=clawstatus:main",
    ],
},
```
Install in a virtual environment or other controlled Python environment, and review dependency versions before deployment.
