Low Risk — Risk Score 15/100
Last scan: 2 days ago
openclaw-shield-upx
Security monitoring and threat detection for OpenClaw agents powered by Google SecOps (Chronicle)
OpenClaw Shield is a legitimate security monitoring skill that provides CLI-based commands for Shield plugin management with no direct code execution or credential access.
Skill Name: openclaw-shield-upx
Duration: 30.3s
Engine: pi
Safe to install
This skill is safe to use. The `rm -rf ~/.openclaw/shield/` command is documented in the Uninstalling section and requires user-initiated execution. The external telemetry claim should be verified against the plugin's actual behavior rather than this skill.

Findings 3 items

Severity Finding Location
Info
External telemetry reference
Skill mentions Shield sends 'redacted telemetry' to UPX detection platform. This is a transparency disclosure, not hidden behavior — the plugin handles actual transmission.
Shield captures agent activity locally and sends redacted telemetry to the UPX detection platform
→ Verify plugin behavior independently if UPX data handling is a concern
SKILL.md:104
Info
Pre-scan IOC: rm -rf ~
Line 190 contains 'rm -rf ~/.openclaw/shield/' in the Uninstalling section. This is a documented user-initiated cleanup command, not malicious behavior.
rm -rf ~/.openclaw/shield/
→ Not a security concern — user must manually run this command
SKILL.md:190
Info
Output handling constraints
Skill explicitly prohibits forwarding raw log output to external services and requires treating Shield output as internal diagnostic data.
Never forward raw log output to external services, channels, or APIs
→ Good security practice; follow these constraints
SKILL.md:96
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | | No Read/Write operations in skill |
| Network | NONE | NONE | | External telemetry handled by plugin, not skill |
| Shell | NONE | NONE | | No subprocess/bash calls; only openclaw CLI invocations |
| Environment | NONE | NONE | | Skill explicitly forbids reading env vars |
| Skill Invoke | NONE | NONE | | No skill-internal invocations |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser automation |
| Database | NONE | NONE | | No database access |
1 Critical 6 findings
Critical Dangerous Command
rm -rf ~
SKILL.md:190
Medium External URL
https://www.upx.com
README.md:3
Medium External URL
https://www.npmjs.com/package/@upx-us/shield
README.md:18
Medium External URL
https://www.upx.com/en/lp/openclaw-shield-upx
README.md:19
Medium External URL
https://clawhub.ai/brunopradof/openclaw-shield-upx
README.md:34
Medium External URL
https://uss.upx.com
README.md:35

File Tree

2 files · 14.8 KB · 241 lines
Markdown 2f · 241L
├─ 📝 README.md Markdown 39L · 1.5 KB
└─ 📝 SKILL.md Markdown 202L · 13.3 KB

Security Positives

✓ No executable scripts or code files — purely documentation
✓ Explicitly forbids reading filesystem paths or environment variables for state checks
✓ Requires explicit user approval before resolving cases
✓ Output handling rules prevent raw log exfiltration
✓ No credential handling — delegated to plugin's installation key
✓ Clear state machine (A/B/C/D) for Shield status interpretation