Trust Report v1

openclaw-parallels-smoke

Run, rerun, debug, or interpret OpenClaw Parallels install, onboarding, gateway smoke, and upgrade checks.

Overall: 57

Trust: 17

Utility: 88

Momentum: 95

Install caution

High-risk behavior present

Risk: High

Source: OpenClaw Built-in Skills

Path: .agents/skills/openclaw-parallels-smoke/SKILL.md

Review flags: browser/session access, credential or secret references, filesystem/home-directory access, network access or external URLs. These are review signals, not definitive security judgments; inspect before installing.

Required permissions

  • Environment variables / secrets
  • Shell commands
  • Network/API usage
  • Filesystem/home access
  • Browser/session access

Permissions are inferred from SKILL.md text only. They are review prompts, not guarantees about runtime behavior.

Risk flags explained

browser_or_session_access (medium)

Mentions browser automation, cookies, sessions, local storage, or browser state.

credential_or_secret_reference (high)

Mentions tokens, API keys, passwords, or private-key style environment variables.

filesystem_write_or_home_access (medium)

Mentions filesystem writes, deletes, home-directory paths, or config/key locations.

network_access (medium)

Mentions external URLs, network APIs, downloads, or HTTP client usage.

package_install (medium)

Mentions package installation or dependency-fetching commands.

shell_command (medium)

Contains shell command snippets. Review commands before copy/paste or agent execution.

Score explanation

Trust

  • Trust starts at 90 before review-signal penalties and metadata bonuses.
  • Risk-signal penalty: -75 from 6 detected flag(s).
  • Metadata bonus: +2 from author/version/description fields.

Utility

  • Utility starts at 55 and rewards clear descriptions, runnable examples, and explicit setup needs.
  • Description present: yes.
  • Command examples detected: 25.
  • Environment variables detected: 1.

Momentum

  • Momentum starts at 45 and uses public repo activity signals.
  • Recent commit activity: latest repo update was 0 day(s) ago.
  • Recent commit volume: 100 commit(s) in the lookback window (+20).
  • Source has strong public adoption: 379781 stars.
  • Fork activity suggests reuse: 79500 forks.

Overall

  • Overall score weights trust 45%, utility 35%, and momentum 20%.

Detected signals

Env vars

  • OPENAI_API_KEY

Commands

  • & $openclaw ...
  • , npm pack/install smoke, or Docker lanes that run package/build prep). Run unrelated build/package gates first, let them finish, then start the VM matrix. Concurrent
  • . That lane installs the packed current-main npm tgz as baseline, then runs
  • .artifacts/parallels/openclaw-parallels-*
  • .artifacts/parallels/openclaw-parallels-npm-update.*
  • /opt/homebrew/bin/node
  • /tmp/openclaw-parallels-*
  • /tmp/openclaw-parallels-linux-gateway.log
  • ; in-place global npm updates can otherwise leave stale hashed
  • NPM_CONFIG_PREFIX="$HOME/.npm-global" npm install -g .
  • bash scripts/e2e/parallels-windows-smoke.sh --mode upgrade --target-package-spec openclaw@<tag> --json
  • curl

URLs

  • http://<host-ip

Provenance & evidence

SkillRadar makes each review traceable back to the exact source path, source blob SHA, scanner version, and text-only policy that produced the report.

  • Source: github.com/openclaw/openclaw@main
  • Path: .agents/skills/openclaw-parallels-smoke/SKILL.md
  • Source blob SHA: 25a15d0d0d75f420fdcbb2f301dd932e747f5d8f
  • Scanner version: 0.3.0
  • Security model: text_only_no_execute_no_install_no_secrets
  • Scan policy: Fetched and scored as text only; no install, no execution, no runtime loading.

Evidence snippets

credential_or_secret_reference

…t installs. - Linux same-guest update verification should also export `HOME=/root`, pass `OPENAI_API_KEY` via `prlctl exec ... /usr/bin/env`, and use `openclaw agent --local`; the fresh Linux ba…

filesystem_write_or_home_access

…- install with `NPM_CONFIG_PREFIX="$HOME/.npm-global" npm install -g .` - make sure `~/.local/bin/openclaw` exists or `~/.npm-global/bin` is on PATH - verify from a brand-new…

package_install

…rerun the smallest affected lane. Do not keep waiting on a capped lane. - Actual OpenClaw npm install/update phases are a stricter signal than whole-lane caps: install phases should normally…

network_access

…server, and point the guest updater at that served package. Prefer `openclaw update --tag http://<host-ip>:<port>/openclaw-<version>.tgz --yes --json`; when channel persistence also matte…

browser_or_session_access

…me. - Do not run local and gateway agent turns in parallel on the same fresh workspace or session. - Hard-cap every top-level Parallels lane with host `timeout --foreground` (or `gtimeout…

shell_command

…rest of the testing window. Defaults: - macOS: `75m` - Linux: `75m` - Windows: `90m` - aggregate npm-update wrapper: `150m` If a lane hits the cap, stop there, inspect the newest `/tmp/openclaw-parallels-…


Methodology note

SkillRadar scans SKILL.md as hostile text only. It does not execute commands, install packages, or load third-party skills.