First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
19
Score
0/100
Findings (19)
Detects downloading scripts piped directly to a shell interpreter
Matched:
curl -s http://localhost:8010/api/health`
- Parity rules while editing:
- Skill path mode should be checked first (`test -L ~/.openclaw/skills/clawboard`).
- If symlink mode: edit repo files direc...
Remediation: Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects patterns of downloading and piping to shell execution
Matched:
curl -s http://localhost:8010/api/health`
- Parity rules while editing:
- Skill path mode should be checked first (`test -L ~/.openclaw/skills/clawboard`).
- If symlink mode: edit repo files direc...
Remediation: Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Code block labeled "markdown" contains executable content
Matched:
Install Clawboard for me end-to-end. ClawHub is not available yet, so choose one of these:
1) Scripted install (preferred):
- Run: curl -fsSL https://raw.githubusercontent.com/sirouk/clawboard/main/s...
Remediation: Align the tool description with what the code actually does. If the description says one thing but the code does another, update the description to be accurate or fix the code.
Likely FP if the NLP analyzer misinterpreted technical jargon or the description accurately describes behavior through domain-specific terminology.
Detects patterns of downloading and piping to shell execution
Matched:
curl -fsSL https://raw.githubusercontent.com/sirouk/clawboard/main/scripts/bootstrap_openclaw.sh | bash
Remediation: Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects downloading scripts piped directly to a shell interpreter
Matched:
curl -fsSL https://raw.githubusercontent.com/sirouk/clawboard/main/scripts/bootstrap_openclaw.sh | bash
Remediation: Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects patterns of downloading and piping to shell execution
Matched:
curl -s "http://localhost:8010/api/search?q=continuity"
```
Expect:
- API health is `ok`.
- `tokenRequired` is `true`.
- `tokenConfigured` is `true`.
- Logger plugin is enabled.
- Search endpoint re...
Remediation: Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.
Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.
Detects downloading scripts piped directly to a shell interpreter
Matched:
curl -s "http://localhost:8010/api/search?q=continuity"
```
Expect:
- API health is `ok`.
- `tokenRequired` is `true`.
- `tokenConfigured` is `true`.
- Logger plugin is enabled.
- Search endpoint re...
Remediation: Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.
Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.
Detects skills fetching external URLs to use as runtime instructions
Matched:
curl -fsSL https://raw.githubusercontent.com + Rules
Remediation: Pin the downloaded resource to a specific version or commit hash, and verify its integrity with a checksum (SHA-256). Avoid fetching scripts or binaries from arbitrary URLs at runtime.
Likely FP if the download URL points to a well-known CDN or package registry (e.g., npmjs.com, pypi.org) and is pinned to a specific version.
Detects execution of shell script files via bash/sh command or direct invocation
Matched:
./../inference-providers/add_chutes.sh
Remediation: Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects chained commands using shell operators with dangerous operations
Matched:
echo "symlink"
else
echo "copy"
fi
```
- In **symlink mode** (default), repo edits are immediately visible to OpenClaw.
- In **copy mode**, repo edits do not update OpenClaw until you sync/copy aga...
Remediation: Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects execution of shell script files via bash/sh command or direct invocation
Matched:
bash scripts/sync_openclaw_skill.sh
Remediation: Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects execution of shell script files via bash/sh command or direct invocation
Matched:
bash scripts/sync_openclaw_skill.sh
Remediation: Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects chained commands using shell operators with dangerous operations
Matched:
curl -s http://localhost:8010/api/health`
- Parity rules while editing:
- Skill path mode should be checked first (`test -L ~/.openclaw/skills/clawboard`).
- If symlink mode: edit repo files direc...
Remediation: Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects execution of shell script files via bash/sh command or direct invocation
Matched:
bash scripts/sync_openclaw_skill.sh
Remediation: Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects references to raw.githubusercontent.com on mutable branches like main/master
Matched:
raw.githubusercontent.com/sirouk/clawboard/main/
Remediation: Replace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
Detects references to raw.githubusercontent.com on mutable branches like main/master
Matched:
raw.githubusercontent.com/sirouk/clawboard/main/
Remediation: Replace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
Detects chained commands using shell operators with dangerous operations
Matched:
curl -fsSL https://raw.githubusercontent.com/sirouk/clawboard/main/scripts/bootstrap_openclaw.sh | bash
Remediation: Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects chained commands using shell operators with dangerous operations
Matched:
curl -s "http://localhost:8010/api/search?q=continuity"
```
Expect:
- API health is `ok`.
- `tokenRequired` is `true`.
- `tokenConfigured` is `true`.
- Logger plugin is enabled.
- Search endpoint re...
Remediation: Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.
Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.
Detects references to raw.githubusercontent.com on mutable branches like main/master
Matched:
raw.githubusercontent.com/sirouk/clawboard/main/
Remediation: Replace GitHub raw.githubusercontent.com references with pinned commit SHAs instead of branch names (e.g., /commit-sha/file instead of /main/file). Branch references are mutable.
Likely FP if the raw GitHub URL points to a versioned release tag in a well-known repository, though even tags are technically mutable.
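The remediations above for the curl-pipe-to-bash findings, the runtime-fetch finding and the mutable /main/ branch findings all describe the same pattern: pin the URL to a commit SHA, download to a file, inspect it, check its SHA-256 against the digest recorded at review time, and only then run it. The script below is an added example of that pattern; it is not code from the scanned skill, from the sirouk/clawboard repository, or from the scanner. The commit SHA and the reviewed digest are placeholders you fill in after reading the script yourself, the function names (sha256_of, fetch_pinned, verify_sha256, run_verified) are chosen here rather than being any project's API, and the "installer" it verifies is a constructed stand-in written to a temp directory so the demonstration runs offline. Only the refuse-on-mismatch behaviour is exercised; fetch_pinned is shown for the download step but not called.

```shell
#!/bin/sh
# Added example (not from the scanned skill, sirouk/clawboard, or the
# scanner): fetch to a file, verify SHA-256, then run, instead of
# `curl ... | bash`. Placeholders: the commit SHA and reviewed digest.
# Helper names below are chosen for this example, not project APIs.

# Portable SHA-256 helper (coreutils sha256sum, or shasum on BSD/macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Step 1: download to a file, pinned to an immutable commit SHA rather
# than a mutable branch such as /main/. Shown only; not called below,
# so the example runs offline.
fetch_pinned() {
    repo="$1"; commit="$2"; path="$3"; out="$4"
    curl -fsSL --proto '=https' --tlsv1.2 \
        "https://raw.githubusercontent.com/${repo}/${commit}/${path}" \
        -o "$out"
}

# Step 2: compare the file's SHA-256 with the digest recorded when the
# script was reviewed. Returns 0 only on an exact match; a missing file
# counts as a failure.
verify_sha256() {
    file="$1"; expected="$2"
    [ -f "$file" ] || return 1
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ]
}

# Step 3: execute only after verification. A mismatch means the file is
# not the one that was reviewed, so refuse rather than run it.
run_verified() {
    file="$1"; expected="$2"
    if verify_sha256 "$file" "$expected"; then
        sh "$file"
    else
        echo "refusing to run $file: SHA-256 mismatch" >&2
        return 1
    fi
}

# Offline demonstration with a constructed stand-in for a downloaded
# installer. In practice the file would come from, e.g.:
#   fetch_pinned sirouk/clawboard <commit-sha> \
#       scripts/bootstrap_openclaw.sh "$tmp/bootstrap.sh"
# followed by reading it and recording its digest.
tmp=$(mktemp -d)
printf '#!/bin/sh\necho "installer ran"\n' > "$tmp/bootstrap.sh"
reviewed_digest=$(sha256_of "$tmp/bootstrap.sh")   # recorded after review
run_verified "$tmp/bootstrap.sh" "$reviewed_digest"

# Simulate the file changing after review (what a mutable /main/ URL or a
# tampered mirror can do): the digest no longer matches and nothing runs.
printf 'echo "extra line appended later"\n' >> "$tmp/bootstrap.sh"
if run_verified "$tmp/bootstrap.sh" "$reviewed_digest"; then
    echo "unexpected: modified script ran"
fi
rm -rf "$tmp"
```

The digest is the thing that makes the pin meaningful: a commit SHA stops the URL from drifting, and the SHA-256 check stops anything between the server and your disk from substituting content, which a tag or branch reference alone cannot do (the page's own FP note observes that even tags are mutable). Keep the reviewed digest in the skill's repository or install notes next to the pinned URL so the two are updated together.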