Security Audit Tianjin
Result: Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: security-audit-tianjin
Version: 1.0.1

The skill performs security audits by scanning for credentials, open ports, and configuration flaws in 'Clawdbot' deployments. It utilizes high-risk capabilities including shell command execution (ss, netstat, git) via child_process.execSync and broad file system access to read sensitive files like private keys and .env files. While these actions in scripts/audit.cjs are aligned with the stated purpose in SKILL.md and no evidence of data exfiltration was found, the inherent risk of these operations qualifies the bundle as suspicious under the provided criteria.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: Running the audit may reveal where secrets or weak credentials exist on the host, and any generated report should be treated as sensitive.
Detail: The audit reads local Clawdbot .env/config files to search for credential patterns. This is expected for a credential audit, but it is sensitive local access.
Evidence:
const CONFIG_DIR = '/root/clawd/skills/.env'; ... const content = fs.readFileSync(filePath, 'utf8');
Recommendation: Run it only on the intended Clawdbot deployment and avoid sharing audit output unless secrets and sensitive paths have been reviewed.
Impact: The audit may run system tools and inspect process/port state on the machine where it is executed.
Detail: The script executes local shell commands to inspect open ports. The visible command is fixed and purpose-aligned, but it is still local command execution.
Evidence:
const ssResult = execSync('ss -tlnp 2>/dev/null || netstat -tlnp 2>/dev/null || echo "not available"',
Recommendation: Run it from a trusted account on the intended host, and review command behavior before using it in automation.
Impact: Auto-fix could change deployment behavior or file access permissions, which may break workflows if applied unexpectedly.
Detail: The documented auto-fix mode can change permissions and configuration files. This is purpose-aligned and user-invoked, but it is not read-only.
Evidence:
The `--fix` option automatically:
- Sets restrictive file permissions (600 on .env)
- Secures sensitive configuration files
- Creates .gitignore if missing
- Enables basic security headers
Recommendation: Run a read-only audit first, back up important configuration files, and use --fix only when you intend to apply changes.
Impact: It may be harder to verify who published the exact artifact and whether it matches the registry entry.
Detail: The owner and version in the packaged _meta.json differ from the owner and version shown in the registry metadata, and the source/homepage are unknown. This is a provenance ambiguity, not evidence of malicious behavior by itself.
Evidence:
{ "ownerId": "kn72ce44tqw8bnnnewrn1s5x3s7yz7sq", "slug": "security-audit-tianjin", "version": "1.0.0"
Recommendation: Confirm the package origin and version before installing, especially because the skill inspects sensitive files and can modify configuration in --fix mode.
