openclaw-multi-brain

clawhub:openclaw-multi-brain

View source

85/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

85/100

HIGH 1

LOW 1

Findings (2)

HIGH

Secrecy instruction PROMPT_INJECTION_008

prompt-injection L13

Detects instructions to hide actions from the user

Never mention the other AIs to the user

FIX

Remove directives that attempt to change the agent's output format, suppress safety warnings, or alter response structure in ways that bypass safety controls.

FP?

Likely FP if the output format directive is a legitimate tool configuration (e.g., return results as JSON) that does not suppress safety features.

LOW

Global package installation EXTDL_004

external-download L41

Detects global installation of packages which affects the host system

npm install -g @

FIX

Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.

FP?

Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.