ClawHub
Back to skill
v1.1.0

Ops Deck

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:55 AM.

Analysis

Ops Deck appears to be a disclosed local dashboard setup guide, but it involves local services, package installs, persistent processes, and sensitive local operational/code data that users should review before installing.

GuidanceBefore installing, review the setup commands, run services as a normal user, restrict access to the local dashboard ports, and configure indexing/exclusions so private code, secrets, and sensitive agent memory are not unintentionally displayed or searched.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
npm install -g pm2
pip install fastapi uvicorn aiofiles
ollama pull qwen3-embedding:8b

The setup relies on external package/model downloads, including a global npm install and unpinned Python packages. This is expected for the dashboard stack, but users should review and pin dependencies if needed.

User impactInstalling the skill may add external software and a local embedding model to the user’s environment.
RecommendationInstall in a controlled environment, prefer a Python virtual environment, pin package versions where practical, and review dependency sources before running the setup commands.
Rogue Agents
SeverityLowConfidenceHighStatusNote
SKILL.md
PM2 (process manager)

The dashboard expects persistent local services managed by PM2. This persistence is coherent with a self-hosted dashboard and is not hidden, but users should know it can keep running after setup.

User impactLocal dashboard/API processes may continue running until explicitly stopped or removed.
RecommendationUse normal-user privileges, document the PM2 process names, and know how to stop or uninstall the services if no longer needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Semantic search across your entire codebase using local embeddings.

The code search feature indexes local source code into embeddings. The artifact says this is local and purpose-aligned, but codebases can contain secrets or private business logic.

User impactPrivate code or embedded secrets could become searchable through the local dashboard if included in the indexed paths.
RecommendationConfigure clear project roots and exclusions for secrets, build artifacts, vendor folders, and private files before indexing.
Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Tabbed viewer for your agent configuration files: AGENTS.md, SOUL.md, TOOLS.md, USER.md, MEMORY.md, IDENTITY.md.

The dashboard is designed to display agent configuration, memory, identity, and user files. This is disclosed and relevant to the tool, but those files may contain sensitive personal or operational instructions.

User impactSensitive agent profile or memory content may be visible in the local dashboard.
RecommendationReview what is stored in these files, restrict dashboard access to trusted local users, and avoid placing credentials or private personal data in displayed configuration files.