First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
11
Score
0/100
Findings (11)
Detects patterns of downloading and piping to shell execution
curl -fsSL https://openclaw.ai/install.sh | bashDownload the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects downloading scripts piped directly to a shell interpreter
curl -fsSL https://openclaw.ai/install.sh | bashDownload the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects patterns of downloading and piping to shell execution
curl -fsSL https://raw.githubusercontent.com/simplefarmer69/ape-claw/main/install.sh | bashDownload the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects downloading scripts piped directly to a shell interpreter
curl -fsSL https://raw.githubusercontent.com/simplefarmer69/ape-claw/main/install.sh | bashDownload the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects patterns of downloading and piping to shell execution
curl -sS -X POST "$APE_CLAW_CHAT_URL/api/chat" \
-H "content-type: application/json" \
-d "{
\"room\":\"general\",
\"agentId\":\"$APE_CLAW_AGENT_ID\",
\"agentToken\":\"$APE_CLAW_AGENT_...Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects downloading scripts piped directly to a shell interpreter
curl -sS -X POST "$APE_CLAW_CHAT_URL/api/chat" \
-H "content-type: application/json" \
-d "{
\"room\":\"general\",
\"agentId\":\"$APE_CLAW_AGENT_ID\",
\"agentToken\":\"$APE_CLAW_AGENT_...Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects skills fetching external URLs to use as runtime instructions
curl -fsSL https://raw.githubusercontent.com + commandsPin the downloaded resource to a specific version or commit hash, and verify its integrity with a checksum (SHA-256). Avoid fetching scripts or binaries from arbitrary URLs at runtime.
Likely FP if the download URL points to a well-known CDN or package registry (e.g., npmjs.com, pypi.org) and is pinned to a specific version.
Detects chained commands using shell operators with dangerous operations
curl -fsSL https://openclaw.ai/install.sh | bashBreak chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects chained commands using shell operators with dangerous operations
curl -fsSL https://raw.githubusercontent.com/simplefarmer69/ape-claw/main/install.sh | bashBreak chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects references to raw.githubusercontent.com on mutable branches like main/master
raw.githubusercontent.com/simplefarmer69/ape-claw/main/Replace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
Detects chained commands using shell operators with dangerous operations
curl -sS -X POST "$APE_CLAW_CHAT_URL/api/chat" \
-H "content-type: application/json" \
-d "{
\"room\":\"general\",
\"agentId\":\"$APE_CLAW_AGENT_ID\",
\"agentToken\":\"$APE_CLAW_AGENT_...Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.