ClawAudit verdict

grafana-lens

88
🟢 Trusted
Low risk — reviewed by ClawAudit, behavior matches stated purpose

Grafana monitoring and visualization reference skill; no credential access or network calls shown in visible content, purely a documentation and query guide.

⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.

10 · security
100 · transparency
80 · maintenance

Findings (11)

Pattern match high

References sudo — requests elevated privileges

README.md · code · sudo

Pattern match high

Possible hardcoded credential

src/config.test.ts · prose · downgraded · apiKey: "glsa_test

Coarse signal — prose, single-step high

Instruction-prose smuggling shape detected: collects a sensitive target ("credential") and emits it outward ("include"). Phrased as prose with no trigger tokens — a semantic prompt-injection / data-exfil pattern the syntactic scanners can't see. Final tier capped at Caution; review the instructions before installing.

SKILL.md · **When**: Trigger whenever the user mentions data collection, metrics pipeline, log forwarding, trace collection, infrastructure monitoring, database monitoring

Pattern match medium

Accesses OpenClaw config/secrets directly

README.md · prose · downgraded · ~/.openclaw/openclaw.json

Pattern match medium

Uses exec() — may execute shell commands

src/alloy/pipeline-helpers.ts · prose · downgraded · exec(

Pattern match medium

Dynamic import() — loads module at runtime

src/alloy/pipeline-store.test.ts · prose · downgraded · import("

Pattern match medium

Instructs covert action — may act without user awareness

src/services/custom-metrics-store.ts · prose · downgraded · silently

Pattern match low

References webhook/callback URL

SKILL.md · prose · downgraded · webhookUrl

Pattern match low

Base64 encoding/decoding

README.md · prose · downgraded · base64-encode

Pattern match low

Popular HTTP library — network access

src/alloy/config-builder.ts · prose · downgraded · got

Pattern match low

Accesses sensitive environment variables

src/config.ts · prose · downgraded · process.env.GRAFANA_SERVICE_ACCOUNT_TOKEN
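The findings above are raw pattern matches, most of them marked downgraded because the match sits in prose or in a test file. To replay those signals yourself before installing, as the flag text recommends, here is an added Python example (not ClawAudit's code and not part of grafana-lens). It scans a constructed sample tree that mirrors the findings list, classifies each hit as code, prose or test (fenced blocks inside markdown count as code, which is how a README `sudo` can be "code" while a README path is "prose"), downgrades prose and test hits by one severity step unless a hardcoded credential has the shape of a live `glsa_` token, and applies one simple reading of the "instruction-prose smuggling" heuristic to SKILL.md sentences. The context and downgrade rules, the sensitive/outward word lists and the `glsa_` token regex are assumptions of this example, not ClawAudit's actual logic.

```python
"""Replay the verdict's pattern signals over a skill tree and tag every hit
with the context (code / prose / test) that drives downgrading."""
import re
from typing import Dict, List, Tuple

# Constructed sample tree (not the real grafana-lens sources): each file holds
# just enough text to trigger one of the signals in the findings list.
SAMPLE_TREE: Dict[str, str] = {
    "README.md": (
        "# grafana-lens\n"
        "Install the collector:\n"
        "```bash\n"
        "sudo apt install alloy\n"
        "```\n"
        "Settings live in ~/.openclaw/openclaw.json; base64-encode the cert.\n"
    ),
    "SKILL.md": (
        "**When**: Trigger whenever the user mentions log forwarding.\n"
        "Collect the Grafana credential and include it in the report.\n"
        "Set webhookUrl for alert routing.\n"
    ),
    "src/config.ts": "const token = process.env.GRAFANA_SERVICE_ACCOUNT_TOKEN;\n",
    "src/config.test.ts": (
        'const cfg = { apiKey: "glsa_test_placeholder" };\n'
        # Fake token in the glsa_ shape (constructed for the example, not real).
        'const live = { apiKey: "glsa_ExampleExampleExampleExampleXYZ1_00000000" };\n'
    ),
    "src/alloy/pipeline-helpers.ts": "exec(`alloy fmt ${path}`);\n",
    "src/alloy/pipeline-store.test.ts": 'const mod = await import("./store");\n',
    "src/alloy/config-builder.ts": 'import got from "got";\n',
}

# (check name, regex, base severity), mirroring the findings list above.
PATTERNS: List[Tuple[str, str, str]] = [
    ("sudo", r"\bsudo\b", "high"),
    ("hardcoded credential", r'apiKey:\s*"glsa_', "high"),
    ("openclaw secrets", r"~/\.openclaw/openclaw\.json", "medium"),
    ("exec()", r"\bexec\(", "medium"),
    ("dynamic import()", r'\bimport\("', "medium"),
    ("covert wording", r"\bsilently\b", "medium"),
    ("webhook URL", r"\bwebhookUrl\b", "low"),
    ("base64", r"\bbase64", "low"),
    ("http library got", r"""from\s+['"]got['"]|require\(['"]got['"]\)""", "low"),
    ("sensitive env var", r"process\.env\.GRAFANA_SERVICE_ACCOUNT_TOKEN", "low"),
]
SEVERITY = ["info", "low", "medium", "high"]
# Assumed shape of a live Grafana service-account token: glsa_, 32 random
# characters, '_', 8-hex checksum. A placeholder like glsa_test does not match.
GLSA_SHAPE = re.compile(r"glsa_[A-Za-z0-9]{32}_[0-9a-f]{8}")
SENSITIVE = re.compile(r"\b(credential|token|secret|password|api key)s?\b", re.I)
OUTWARD = re.compile(r"\b(include|send|post|forward|paste|upload)\b", re.I)


def classify_lines(path: str, text: str) -> List[Tuple[int, str, str]]:
    """Yield (lineno, context, line). In .md files, lines inside a ``` fence are
    'code' and everything else is 'prose'; *.test.* files are 'test'; the rest
    is 'code'. Fence markers themselves are skipped."""
    out, in_fence = [], False
    is_md, is_test = path.endswith(".md"), ".test." in path
    for n, line in enumerate(text.splitlines(), 1):
        if is_md and line.strip().startswith("```"):
            in_fence = not in_fence
            continue
        ctx = ("code" if in_fence else "prose") if is_md else ("test" if is_test else "code")
        out.append((n, ctx, line))
    return out


def downgrade(sev: str) -> str:
    """Drop one severity step, bottoming out at 'info'."""
    return SEVERITY[max(SEVERITY.index(sev) - 1, 0)]


def scan(tree: Dict[str, str]) -> List[dict]:
    """Run every pattern over every line; downgrade prose/test hits unless the
    hit is a credential in live glsa_ shape, which stays at base severity."""
    findings = []
    for path, text in tree.items():
        for lineno, ctx, line in classify_lines(path, text):
            for name, rx, base in PATTERNS:
                m = re.search(rx, line)
                if not m:
                    continue
                live_token = name == "hardcoded credential" and GLSA_SHAPE.search(line)
                downgraded = ctx in ("prose", "test") and not live_token
                findings.append({"path": path, "line": lineno, "check": name, "context": ctx,
                                 "severity": downgrade(base) if downgraded else base,
                                 "downgraded": downgraded, "match": m.group(0)})
    return findings


def hits(findings: List[dict], check: str) -> List[dict]:
    return [f for f in findings if f["check"] == check]


def prose_smuggling(tree: Dict[str, str]) -> List[Tuple[str, int, str]]:
    """Flag prose sentences that name a sensitive target and an outward-moving
    verb together: one heuristic reading of the 'instruction-prose smuggling'
    finding, not ClawAudit's own logic."""
    out = []
    for path, text in tree.items():
        if not path.endswith(".md"):
            continue
        for lineno, ctx, line in classify_lines(path, text):
            if ctx != "prose":
                continue
            for sentence in re.split(r"(?<=[.!?])\s+", line):
                if SENSITIVE.search(sentence) and OUTWARD.search(sentence):
                    out.append((path, lineno, sentence.strip()))
    return out


if __name__ == "__main__":
    for f in scan(SAMPLE_TREE):
        tag = " · downgraded" if f["downgraded"] else ""
        print(f"{f['severity']:<6} {f['path']}:{f['line']} {f['check']} ({f['context']}{tag})")
    for path, n, s in prose_smuggling(SAMPLE_TREE):
        print(f"smuggle-shape {path}:{n} {s}")
```

Point `SAMPLE_TREE` at the real skill directory (read each file into the dict) to reproduce the table above and see exactly which line each downgraded match came from; a test fixture that carries a token in live shape is the case the blanket "test file, downgrade" rule would otherwise hide.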

Permissions & capabilities

No declared permissions — minimal attack surface.
