codeflow

Possible hardcoded credential

references/setup.md · code · TOKEN="<BOT_TOKEN>

Pipe to sh — executes piped content as shell commands

extensions/codeflow-enforcer/index.js · prose · downgraded · |sh

Accesses OpenClaw config/secrets directly

references/setup.md · code · ~/.openclaw/openclaw.json

Pipe to python — executes piped content as Python code

scripts/_internal/bin/dev-relay.sh · prose · downgraded · | python3

Python urllib.request — network access

references/setup.md · code · urllib.request

Accesses system credential store

references/setup.md · prose · downgraded · Keychain

subprocess execution — runs system commands from Python

scripts/_internal/py/codeflow_skill_flow.py · prose · downgraded · subprocess.run(

Instructs covert action — may act without user awareness

scripts/_internal/py/discord-bridge.py · prose · downgraded · silently

HTTP request to bare IP address — common in malicious payloads

scripts/_internal/py/openclaw_gateway.py · prose · downgraded · http://127.0.0.1

References sudo — requests elevated privileges

scripts/_internal/py/parse-stream.py · prose · downgraded · sudo

Opens WebSocket connection

references/advanced-modes.md · prose · downgraded · websocket

References webhook/callback URL

scripts/_internal/bin/dev-relay.sh · prose · downgraded · WEBHOOK_URL

Python os.environ.get — reads environment variable

scripts/_internal/bin/dev-relay.sh · prose · downgraded · os.environ.get(

Python shutil file operation — copies/moves/deletes files

scripts/_internal/bin/dev-relay.sh · prose · downgraded · shutil.rmtree(

Sets world-executable permissions

scripts/_internal/bin/dev-relay.sh · prose · downgraded · chmod 700

Popular HTTP library — network access

scripts/_internal/py/py_compat.py · prose · downgraded · got