silicaclaw-owner-push Security Report — Trusted | ClawSafe

0 /100

silicaclaw-owner-push

Monitor SilicaClaw public broadcasts and push important updates to the owner through OpenClaw's native owner channel

The skill is a legitimate local broadcast monitoring and forwarding tool with clear safety boundaries and no malicious behavior detected.

Skill Namesilicaclaw-owner-push

Duration27.8s

Enginepi

✓

Safe to install

No action needed. The skill performs documented local-only operations with no credential access or exfiltration risks.

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`WRITE`	✓ Aligned	SKILL.md declares state file writes to ~/.openclaw/
Network	`READ`	`READ`	✓ Aligned	SKILL.md declares localhost:4310 polling only
Shell	`WRITE`	`WRITE`	✓ Aligned	SKILL.md declares OWNER_FORWARD_CMD subprocess execution
Environment	`READ`	`READ`	✓ Aligned	SKILL.md declares env vars for configuration only
Skill Invoke	`NONE`	`NONE`	—	No skill_invoke usage found
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Browser	`NONE`	`NONE`	—	No browser access found
Database	`NONE`	`NONE`	—	No database access found

File Tree

8 files · 26.4 KB · 870 lines

JavaScript 2f · 425L Markdown 4f · 409L JSON 1f · 30L YAML 1f · 6L

├─ ▾ 📁 agents

│ └─ 📋 openai.yaml YAML 6L · 669 B

├─ ▾ 📁 references

│ ├─ 📝 owner-dialogue-cheatsheet-zh.md Markdown 87L · 2.1 KB

│ ├─ 📝 push-routing-policy.md Markdown 43L · 1.4 KB

│ └─ 📝 runtime-setup.md Markdown 44L · 1.4 KB

├─ ▾ 📁 scripts

│ ├─ 📜 owner-push-forwarder.mjs JavaScript 356L · 10.3 KB

│ └─ 📜 send-to-owner-via-openclaw.mjs JavaScript 69L · 1.6 KB

├─ 📋 manifest.json JSON 30L · 1.1 KB

└─ 📝 SKILL.md Markdown 235L · 8.0 KB

✓ All capabilities are declared in SKILL.md - no hidden functionality

✓ Network access is strictly bounded to localhost:4310 as documented

✓ No credential harvesting or exfiltration patterns observed

✓ No base64/eval/malicious code execution patterns found

✓ No remote IP connections except documented local endpoint

✓ No sensitive path access (~/.ssh, ~/.aws, .env) observed

✓ Shell execution is controlled via documented environment variable (OWNER_FORWARD_CMD)

✓ State management uses standard workspace paths with proper file locking

✓ Filtering is text-based only, no dynamic code evaluation from messages

✓ No curl|bash, wget|sh, or other remote script execution patterns