Openclaw Ai Doctor

Advisory

Audited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.destructive_delete_command

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the commands could stop active OpenClaw sessions or change local runtime state.

Why it was flagged

These are local repair commands that can disrupt active sessions or remove lock files. They fit the stated task-deadlock troubleshooting purpose, but should not be run blindly.

Skill content

openclaw gateway restart
openclaw sessions kill <sessionId>
rm -rf ~/.openclaw/workspace/temp/*.lock

Recommendation

Confirm the affected session or gateway, back up important work if needed, and run only the specific command that matches the diagnosed problem.

What this means

Secrets or account configuration could be exposed if command output is pasted into an agent chat, support ticket, or public issue.

Why it was flagged

The guide tells the user or agent to inspect OpenClaw configuration/policy files and handle an API key. This is relevant to diagnosing permission failures, but those files or values may contain sensitive account data.

Skill content

cat ~/.openclaw/config.json | jq .
cat ~/.openclaw/policy.json
export OPENCLAW_API_KEY=<new_key>

Recommendation

Redact API keys, tokens, account IDs, and private policy details before sharing command output.

What this means

Running npm install in the wrong directory or against an untrusted package could alter the local environment.

Why it was flagged

The skill recommends dependency reinstall commands for troubleshooting. This is purpose-aligned, but npm installs can modify local packages and run package lifecycle scripts from the targeted project.

Skill content

npm install --force
npm cache clean --force && npm install
cd ~/.openclaw/skills/<skillName> && npm install

Recommendation

Verify the working directory and package source before running npm commands, and avoid force installs unless necessary.

What this means

Changing permissions or rereading persistent instruction files may expose private memory contents or reintroduce bad instructions if those files are already corrupted.

Why it was flagged

The troubleshooting steps touch persistent memory and instruction files. This aligns with the stated memory-loss and logic-failure use case, but these files can contain private context or behavior-shaping instructions.

Skill content

chmod 644 ~/.openclaw/workspace/memory/*.md
chmod 644 ~/.openclaw/workspace/MEMORY.md
# Re-read SOUL.md and AGENTS.md

Recommendation

Review memory and instruction files before reusing them, and limit permissions to what OpenClaw actually needs.

Findings (1)

warn

suspicious.destructive_delete_command

Location: SKILL.md:79

Finding: Documentation contains a destructive delete command without an explicit confirmation gate.