Skip to main content

safe-exec

Enables safe command execution for OpenClaw Agents with risk assessment, user approval, and audit logging for secure operations.

Install this skill

or
29/100

Security score

The safe-exec skill was audited on May 29, 2026 and we found 15 security issues across 4 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 136

Piping content to bash shell

SourceSKILL.md
136**HIGH**: User data deletion or significant system changes (chmod 777, curl | bash)
medium line 266

Webhook reference - potential data exfiltration

SourceSKILL.md
266- ❌ No integration with external notification services (Feishu, webhooks, etc.)
medium line 9

Access to hidden dotfiles in home directory

SourceSKILL.md
9"writes": ["~/.openclaw/safe-exec/", "~/.openclaw/safe-exec-audit.log"],
low line 76

Access to hidden dotfiles in home directory

SourceSKILL.md
76git clone https://github.com/OTTTTTO/safe-exec.git ~/.openclaw/skills/safe-exec
low line 79

Access to hidden dotfiles in home directory

SourceSKILL.md
79chmod +x ~/.openclaw/skills/safe-exec/safe-exec*.sh
low line 82

Access to hidden dotfiles in home directory

SourceSKILL.md
82ln -s ~/.openclaw/skills/safe-exec/safe-exec.sh ~/.local/bin/safe-exec
low line 83

Access to hidden dotfiles in home directory

SourceSKILL.md
83ln -s ~/.openclaw/skills/safe-exec/safe-exec-*.sh ~/.local/bin/
medium line 100

Access to hidden dotfiles in home directory

SourceSKILL.md
100- Requests stored in: `~/.openclaw/safe-exec/pending/`
medium line 101

Access to hidden dotfiles in home directory

SourceSKILL.md
101- Audit log: `~/.openclaw/safe-exec-audit.log`
medium line 102

Access to hidden dotfiles in home directory

SourceSKILL.md
102- Rules config: `~/.openclaw/safe-exec-rules.json`
low line 209

Access to hidden dotfiles in home directory

SourceSKILL.md
209cat ~/.openclaw/safe-exec-audit.log
medium line 232

Access to hidden dotfiles in home directory

SourceSKILL.md
232- SafeExec version (run: `grep "VERSION" ~/.openclaw/skills/safe-exec/safe-exec.sh`)
medium line 236

Access to hidden dotfiles in home directory

SourceSKILL.md
236- Relevant logs from `~/.openclaw/safe-exec-audit.log`
medium line 249

Access to hidden dotfiles in home directory

SourceSKILL.md
249Log location: `~/.openclaw/safe-exec-audit.log`
low line 281

External URL reference

SourceSKILL.md
281- **ClawdHub:** https://www.clawhub.ai/skills/safe-exec
Scanned on May 29, 2026
View Security Dashboard
Installation guide →
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
openclawdevopsapidevops-sreml-ai-engineertechnical-pmdevelopmentproduct
Ghenghis/openclaw-claude-code-integration