Aguara Watch

solo-factory

clawhub:solo-factory

View source
C
50/100

First Seen

Feb 20, 2026

Last Scanned

Feb 22, 2026

Findings

5

Score

50/100

CRITICAL 2
LOW 3

Findings (5)

CRITICAL
Download-and-execute
L166

Detects patterns of downloading and piping to shell execution

curl -LsSf https://astral.sh/uv/install.sh | sh
FIX

Download the file first, verify its integrity (checksum, signature), inspect it, then run it. Prefer package managers over raw downloads. Never fetch-and-run in one step.

FP?

Likely FP if the target is a well-known installer (e.g., rustup, Homebrew) from its canonical HTTPS domain, though the pattern is inherently risky.

CRITICAL
Curl or wget piped to shell
L166

Detects downloading scripts piped directly to a shell interpreter

curl -LsSf https://astral.sh/uv/install.sh | sh
FIX

Download the script first, inspect it, verify its checksum, then run it. Do not pipe curl/wget output directly to sh/bash. Prefer package manager installs.

FP?

Likely FP if the download is from a well-known installer domain (e.g., brew.sh, rustup.rs), though this pattern is inherently risky even with trusted sources.

LOW
Unscoped Bash tool in allowed tools
L10

Detects skills that include unscoped Bash in their allowed tools list (not Bash(cmd:*) scoped)

allowed-tools: Bash,
FIX

Scope the Bash tool to specific commands using allowedTools patterns (e.g., Bash(git *) instead of bare Bash). Remove blanket Bash access from allowed_tools lists.

FP?

Likely FP if the Bash entry in allowed_tools is part of a constrained configuration that limits commands elsewhere (e.g., via system prompt restrictions).

LOW
Chained shell command execution
L101

Detects chained commands using shell operators with dangerous operations

echo "uvx: missing"
   ```
   If missing: "Install uv first: https://docs.astral.sh/uv/"

   **4b. Configure MCP:**

   For OpenClaw (via mcporter):
   ```bash
   mcporter config add solograph --stdio...
FIX

Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.

FP?

Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.

LOW
Chained shell command execution
L166

Detects chained commands using shell operators with dangerous operations

curl -LsSf https://astral.sh/uv/install.sh | sh
FIX

Break chained commands into discrete, individually validated steps. Avoid piping untrusted output directly into a shell interpreter.

FP?

Likely FP if the matched text is a documentation example showing a common installer one-liner for a well-known tool with a canonical URL.