SKILLRADAR
Trust Report v1

crabbox

Use the Crabbox wrapper for OpenClaw remote validation across Linux, macOS, Windows, and WSL2, including delegated Blacksmith Testbox proof. Report the actual provider and id.

  • Overall: 57
  • Trust: 17
  • Utility: 88
  • Momentum: 95

Install caution

High-risk behavior present

Risk: High

Source: OpenClaw Built-in Skills

Path: .agents/skills/crabbox/SKILL.md

Review flags: browser/session access, credential or secret references, filesystem/home-directory access, network access or external URLs. These are review signals, not definitive security judgments; inspect before installing.

Required permissions

  • Environment variables / secrets
  • Shell commands
  • Network/API usage
  • Filesystem/home access
  • Browser/session access

Permissions are inferred from SKILL.md text only. They are review prompts, not guarantees about runtime behavior.

Risk flags explained

browser_or_session_access (medium)

Mentions browser automation, cookies, sessions, local storage, or browser state.

credential_or_secret_reference (high)

Mentions tokens, API keys, passwords, or private-key style environment variables.

filesystem_write_or_home_access (medium)

Mentions filesystem writes, deletes, home-directory paths, or config/key locations.

network_access (medium)

Mentions external URLs, network APIs, downloads, or HTTP client usage.

package_install (medium)

Mentions package installation or dependency-fetching commands.

shell_command (medium)

Contains shell command snippets. Review commands before copy/paste or agent execution.

Score explanation

Trust

  • Trust starts at 90 before review-signal penalties and metadata bonuses.
  • Risk-signal penalty: -75 from 6 detected flag(s).
  • Metadata bonus: +2 from author/version/description fields.

Utility

  • Utility starts at 55 and rewards clear descriptions, runnable examples, and explicit setup needs.
  • Description present: yes.
  • Command examples detected: 25.
  • Environment variables detected: 5.

Momentum

  • Momentum starts at 45 and uses public repo activity signals.
  • Recent commit activity: latest repo update was 0 day(s) ago.
  • Recent commit volume: 100 commit(s) in the lookback window (+20).
  • Source has strong public adoption: 379781 stars.
  • Fork activity suggests reuse: 79500 forks.

Overall

  • Overall score weights trust 45%, utility 35%, and momentum 20%.

Detected signals

Env vars

  • API
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • CRABBOX_COORDINATOR_TOKEN
  • OPENAI_API_KEY

Commands

  • --preflight-tools node,bun,docker
  • @lydell/node-pty
  • OPENCLAW_PLUGIN_INSTALL_OVERRIDES='{"plugin-id":"npm-pack:/tmp/plugin.tgz"}'
  • crabbox login --url https://crabbox.openclaw.ai --provider aws
  • node
  • node scripts/crabbox-wrapper.mjs run --provider blacksmith-testbox --blacksmith-org openclaw --blacksmith-workflow .github/workflows/ci-check-testbox.yml --blacksmith-job check --blacksmith-ref main --idle-timeout 90m --ttl 240m --timing-json -- corepack pnpm check:changed
  • node scripts/crabbox-wrapper.mjs run --provider blacksmith-testbox --cache-volume pnpm-store=openclaw-node24-pnpm-lock:/tmp/openclaw-pnpm-store --timing-json -- corepack pnpm check:changed
  • node scripts/crabbox-wrapper.mjs warmup --provider blacksmith-testbox --keep --timing-json
  • npm
  • npm pack
  • npm/node_modules
  • npm/node_modules/...

URLs

  • https://crabbox.openclaw.ai
  • https://example.com

Provenance & evidence

SkillRadar makes each review traceable back to the exact source path, source blob SHA, scanner version, and text-only policy that produced the report.

  • source: github.com/openclaw/openclaw@main
  • path: .agents/skills/crabbox/SKILL.md
  • source blob SHA: fc9ac13d89ef59735777983241d9ca0f0542ef2b
  • scanner version: 0.3.0
  • security model: text_only_no_execute_no_install_no_secrets
  • scan policy: Fetched and scored as text only; no install, no execution, no runtime loading.

Evidence snippets

credential_or_secret_reference

…mkdir -p .crabbox/logs pnpm crabbox:run -- --provider aws \ --preflight \ --allow-env OPENAI_API_KEY,OPENAI_BASE_URL \ --timing-json \ --capture-stdout .crabbox/logs/live-provider.stdout…

filesystem_write_or_home_access

…ported by delegated providers. - `--capture-stdout <path>` / `--capture-stderr <path>`: write remote streams to local files and keep binary/noisy output out of retained logs. Parent…

package_install

…provider.stderr.log \ --capture-on-fail \ --shell -- \ "echo CRABBOX_PHASE:install; pnpm install --frozen-lockfile; echo CRABBOX_PHASE:test; pnpm test:live" ``` Do not pass `--capture-*…

network_access

…e "broken before, fixed after", compare base and PR on the same Testbox when practical. Fetch both refs, create detached temp worktrees under `/tmp`, install in each, then run the s…

browser_or_session_access

….mjs warmup --provider blacksmith-testbox --keep --timing-json` in a background command session while inspecting, editing, and running focused local tests. Poll later, reuse the retur…

shell_command

…sync mirrors the current checkout. - Check the wrapper and providers before remote work: ```sh command -v crabbox ../crabbox/bin/crabbox --version pnpm crabbox:run -- --help | sed -n '…


Methodology note

SkillRadar scans SKILL.md as hostile text only. It does not execute commands, install packages, or load third-party skills.