Sovereign project-setup-wizard

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: sovereign-project-setup-wizard
Version: 1.0.0

The skill is classified as suspicious due to a critical shell injection vulnerability (Remote Code Execution) present in `scripts/setup.sh`. User-controlled inputs such as `PROJECT_NAME`, `DESCRIPTION`, `AUTHOR_NAME`, and `AUTHOR_EMAIL` (obtained via command-line arguments, interactive prompts, or environment variables) are directly interpolated into shell commands and here-documents without proper sanitization. This allows an attacker to inject and execute arbitrary shell commands by crafting malicious input, for example, by providing a project name like `my-app$(rm -rf /)`.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If run with the wrong project name or output directory, it can create files in an unintended local location.

Why it was flagged

The script creates directories and files at a path derived from user-provided options. This is expected for a project scaffolder, but it is still a persistent local file operation.

Skill content

PROJECT_DIR="$OUTPUT_DIR/$PROJECT_NAME"
...
mkdir -p "$dir"
...
echo "$content" > "$filepath"

Recommendation

Use --dry-run first for unfamiliar templates, choose the output directory carefully, and review generated files before committing or using them.

What this means

A user may not realize from the registry summary alone that installing the skill means running a local bash script that expects bash and git.

Why it was flagged

The registry summary under-declares the local executable script and tool expectations that are described elsewhere in the artifacts.

Skill content

Required binaries (all must exist): none
...
No install spec — this is an instruction-only skill.
...
Code file presence: scripts/setup.sh

Recommendation

Treat it as a local script-based skill, ensure bash/git are available, and inspect the script if your environment has stricter installation controls.

What this means

Your Git-configured name or email may be copied into generated project metadata and could later become public if you publish the project.

Why it was flagged

The script reads local Git profile identity to prefill author fields. This is purpose-aligned, but it may place personal name/email data into generated project files.

Skill content

AUTHOR_NAME=$(git config user.name 2>/dev/null || echo "")
...
AUTHOR_EMAIL=$(git config user.email 2>/dev/null || echo "")

Recommendation

Review or override the author name and email prompts, especially before publishing the generated scaffold.