First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
4
Score
92/100
Findings (4)
Detects references to private/internal IP ranges in URL context
http://192.168.1.200:Implement URL allowlisting for all outbound requests. Block requests to private IP ranges (10.x, 172.16-31.x, 192.168.x), localhost, and link-local addresses.
Likely FP if the match is a localhost URL used for local development (e.g., http://localhost:3000) in setup documentation.
Detects execution of shell script files via bash/sh command or direct invocation
bash ~/.openclaw/skills/secucheck/scripts/full_audit.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects execution of shell script files via bash/sh command or direct invocation
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects execution of shell script files via bash/sh command or direct invocation
bash ~/.openclaw/skills/secucheck/scripts/serve_dashboard.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.