
Keys and possible values

This page is generated from the arxo metrics registry --registry-format detailed schema for OpenClaw Architecture (openclaw_architecture).

| Result key | Axis | Rule ID | Impact | Effort | Score range | Severity values | Recommendation |
| --- | --- | --- | --- | --- | --- | --- | --- |
| openclaw_architecture.soul_evil_hook_enabled_score | ConfigSecurity | arxo/openclaw-soul-evil-hook-enabled | critical | low | 0..1 | Good, Low, Medium, High, Critical | Disable soul-evil hook and remove SOUL_EVIL.md; prevent silent persona swap. |
| openclaw_architecture.config_patch_unrestricted_score | ConfigSecurity | arxo/openclaw-config-patch-unrestricted | critical | low | 0..1 | Good, Low, Medium, High, Critical | Add config.patch to restricted_actions or tools.deny to prevent agent self-modification. |
| openclaw_architecture.hook_whitelist_absence_score | ConfigSecurity | arxo/openclaw-hook-whitelist-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure hooks.allowed allowlist when using custom hooks. |
| openclaw_architecture.webhook_auth_absence_score | ConfigSecurity | arxo/openclaw-webhook-auth-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable webhook signature verification for Twilio/Telnyx; set skipSignatureVerification false. |
| openclaw_architecture.browser_domain_allowlist_absence_score | ConfigSecurity | arxo/openclaw-browser-domain-allowlist-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Set browser.domainAllowlist when browser tool is enabled to limit navigation. |
| openclaw_architecture.contact_allowlist_absence_score | ConfigSecurity | arxo/openclaw-contact-allowlist-absence | high | low | 0..1 | Good, Low, Medium, High, Critical | Configure contactAllowlist for channels to restrict who can message the agent. |
| openclaw_architecture.sensitive_directory_exposure_score | ConfigSecurity | arxo/openclaw-sensitive-directory-exposure | high | medium | 0..1 | Good, Low, Medium, High, Critical | Block ~/.ssh, ~/.aws, ~/.config, ~/.gnupg, ~/.kube, /etc in sandbox paths. |
| openclaw_architecture.credential_context_window_exposure_score | ConfigSecurity | arxo/openclaw-credential-context-window-exposure | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use env vars or vault for API keys when shell/browser tools are enabled. |
| openclaw_architecture.unbounded_tool_access_score | SkillGovernance | arxo/openclaw-unbounded-tool-access | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict agents.list[].tools.allow to explicit list; avoid wildcard. |
| openclaw_architecture.max_steps_absence_score | SkillGovernance | arxo/openclaw-max-steps-absence | high | low | 0..1 | Good, Low, Medium, High, Critical | Set maxSteps or maxIterations for agents to bound execution. |
| openclaw_architecture.cascade_depth_unlimited_score | SkillGovernance | arxo/openclaw-cascade-depth-unlimited | high | medium | 0..1 | Good, Low, Medium, High, Critical | Set agents.maxCascadeDepth when using multiple agents. |
| openclaw_architecture.read_only_triage_absence_score | SkillGovernance | arxo/openclaw-read-only-triage-absence | medium | high | 0..1 | Good, Low, Medium, High, Critical | Use read-only triage agent in front of tool-enabled agent for untrusted input. |
| openclaw_architecture.inter_agent_auth_absence_score | SkillGovernance | arxo/openclaw-inter-agent-auth-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure inter-agent auth when using multiple agents in agents.list. |
| openclaw_architecture.agent_output_sanitization_gap_score | SkillGovernance | arxo/openclaw-agent-output-sanitization-gap | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable output.sanitize or equivalent when agent uses shell/DB/API tools. |
| openclaw_architecture.sub_agent_privilege_inheritance_score | SkillGovernance | arxo/openclaw-sub-agent-privilege-inheritance | high | medium | 0..1 | Good, Low, Medium, High, Critical | Set per-agent tools.allow for sub-agents; avoid full inheritance. |
| openclaw_architecture.prompt_injection_defense_absence_score | SkillGovernance | arxo/openclaw-prompt-injection-defense-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure security.promptInjection or equivalent for input scanning and anchoring. |
| openclaw_architecture.external_content_scan_absence_score | SkillGovernance | arxo/openclaw-external-content-scan-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable tools.contentScan or equivalent when using browser/email/file tools. |
| openclaw_architecture.self_replication_capability_score | SkillGovernance | arxo/openclaw-self-replication-capability | critical | low | 0..1 | Good, Low, Medium, High, Critical | Set agents.selfReplication to deny when agent has shell and network access. |
| openclaw_architecture.shutdown_mechanism_absence_score | SkillGovernance | arxo/openclaw-shutdown-mechanism-absence | high | low | 0..1 | Good, Low, Medium, High, Critical | Enable interruptible or killSwitch for agents to allow human halt. |
| openclaw_architecture.goal_drift_detection_absence_score | Observability | arxo/openclaw-goal-drift-detection-absence | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Configure diagnostics.drift_detection or goal_monitoring when agents have long sessions. |
| openclaw_architecture.memory_file_encryption_absence_score | SupplyChain | arxo/openclaw-memory-file-encryption-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable memory.encryption when memory is writable to protect IDENTITY/SOUL on disk. |
| openclaw_architecture.identity_file_mutable_by_agent_score | SupplyChain | arxo/openclaw-identity-file-mutable-by-agent | high | medium | 0..1 | Good, Low, Medium, High, Critical | Add integrity/checksum for IDENTITY.md and SOUL.md when agent can write memory. |
| openclaw_architecture.hardcoded_credential_in_config_score | SupplyChain | arxo/openclaw-hardcoded-credential-in-config | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Use env vars or vault for API keys; remove hardcoded credentials from config. |
| openclaw_architecture.network_egress_unrestricted_score | SupplyChain | arxo/openclaw-network-egress-unrestricted | high | medium | 0..1 | Good, Low, Medium, High, Critical | Set network.egress.allowlist when sandbox has bridge or host network access. |
| openclaw_architecture.a2a_session_smuggling_risk_score | SkillGovernance | arxo/openclaw-a2a-session-smuggling-risk | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Enable AgentCard verification or context grounding for A2A to prevent session smuggling. |
| openclaw_architecture.a2a_unverified_agent_card_with_tool_access_score | SupplyChain | arxo/openclaw-a2a-unverified-agent-card-with-tool-access | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Enable AgentCard verification for A2A or restrict tool access when using unverified remotes. |
| openclaw_architecture.agent_identity_registry_absence_score | ConfigSecurity | arxo/openclaw-agent-identity-registry-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure agents.registry or per-agent owner/purpose/id for attribution. |
| openclaw_architecture.agent_tool_over_permission_score | SkillGovernance | arxo/openclaw-agent-tool-over-permission | high | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict agent tool permissions. |
| openclaw_architecture.audit_log_disabled_score | Observability | arxo/openclaw-audit-log-disabled | high | low | 0..1 | Good, Low, Medium, High, Critical | Enable audit log for diagnostics. |
| openclaw_architecture.behavioral_drift_detection_absence_score | Observability | arxo/openclaw-behavioral-drift-detection-absence | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Enable behavioral drift detection. |
| openclaw_architecture.clawhub_skill_provenance_score | SupplyChain | arxo/openclaw-clawhub-skill-provenance | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use ClawHub or verified skill sources. |
| openclaw_architecture.content_capture_disabled_score | Observability | arxo/openclaw-content-capture-disabled | medium | low | 0..1 | Good, Low, Medium, High, Critical | Set diagnostics.otel.captureContent: true. |
| openclaw_architecture.control_ui_exposure_score | ConfigSecurity | arxo/openclaw-control-ui-exposure | high | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict control UI when gateway is remote. |
| openclaw_architecture.cost_tracking_absence_score | Observability | arxo/openclaw-cost-tracking-absence | medium | low | 0..1 | Good, Low, Medium, High, Critical | Enable cost tracking for providers. |
| openclaw_architecture.covert_tool_invocation_instruction_score | SupplyChain | arxo/openclaw-covert-tool-invocation-instruction | high | medium | 0..1 | Good, Low, Medium, High, Critical | Remove covert tool invocation instructions from SKILL.md. |
| openclaw_architecture.credential_harvesting_phrase_score | SupplyChain | arxo/openclaw-credential-harvesting-phrase | critical | low | 0..1 | Good, Low, Medium, High, Critical | Remove credential harvesting phrases from SKILL.md. |
| openclaw_architecture.dangerous_skill_exposure_score | ConfigSecurity | arxo/openclaw-dangerous-skill-exposure | high | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict dangerous skills or require approval. |
| openclaw_architecture.discovery_pinning_gap_score | ConfigSecurity | arxo/openclaw-discovery-pinning-gap | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Pin gateway address when using mDNS/DNS-SD discovery. |
| openclaw_architecture.dm_policy_open_score | ConfigSecurity | arxo/openclaw-dm-policy-open | high | low | 0..1 | Good, Low, Medium, High, Critical | Use dmPolicy pairing or allowlist; avoid open for unknown senders. |
| openclaw_architecture.egress_firewall_absence_score | SupplyChain | arxo/openclaw-egress-firewall-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure egress allowlist when sandbox is on. |
| openclaw_architecture.exec_security_full_mode_score | SkillGovernance | arxo/openclaw-exec-security-full-mode | high | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid exec security full mode or allowlist only. |
| openclaw_architecture.external_binary_install_instruction_score | SupplyChain | arxo/openclaw-external-binary-install-instruction | high | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid instructing users to download and run binaries. |
| openclaw_architecture.fake_prerequisite_in_skill_md_score | SupplyChain | arxo/openclaw-fake-prerequisite-in-skill-md | high | medium | 0..1 | Good, Low, Medium, High, Critical | Remove fake prerequisites from SKILL.md. |
| openclaw_architecture.gateway_auth_gap_score | ConfigSecurity | arxo/openclaw-gateway-auth-gap | critical | low | 0..1 | Good, Low, Medium, High, Critical | Set gateway.auth.token when gateway.remote is true. |
| openclaw_architecture.gen_ai_semantic_convention_gap_score | Observability | arxo/openclaw-gen-ai-semantic-convention-gap | medium | low | 0..1 | Good, Low, Medium, High, Critical | Use GenAI semantic conventions for telemetry. |
| openclaw_architecture.high_risk_source_without_isolation_score | SupplyChain | arxo/openclaw-high-risk-source-without-isolation | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use sandbox and egress allowlist for high-risk sources. |
| openclaw_architecture.human_approval_gap_score | SkillGovernance | arxo/openclaw-human-approval-gap | high | medium | 0..1 | Good, Low, Medium, High, Critical | Configure approval workflow for dangerous skills. |
| openclaw_architecture.installed_skill_fails_fake_prerequisite_check_score | SupplyChain | arxo/openclaw-installed-skill-fails-fake-prerequisite-check | high | medium | 0..1 | Good, Low, Medium, High, Critical | Ensure installed skills pass prerequisite checks. |
| openclaw_architecture.interruptibility_gap_score | Observability | arxo/openclaw-interruptibility-gap | medium | low | 0..1 | Good, Low, Medium, High, Critical | Set agents.interruptible where appropriate. |
| openclaw_architecture.known_malicious_skill_id_score | SupplyChain | arxo/openclaw-known-malicious-skill-id | critical | low | 0..1 | Good, Low, Medium, High, Critical | Remove known malicious skill IDs from config. |
| openclaw_architecture.log_retention_too_short_score | Observability | arxo/openclaw-log-retention-too-short | medium | low | 0..1 | Good, Low, Medium, High, Critical | Set log retention to 90 days or more. |
| openclaw_architecture.long_lived_credential_per_agent_score | ConfigSecurity | arxo/openclaw-long-lived-credential-per-agent | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use short-lived scoped tokens or set credentials.ttl/refresh for agents. |
| openclaw_architecture.loopback_binding_gap_score | ConfigSecurity | arxo/openclaw-loopback-binding-gap | high | medium | 0..1 | Good, Low, Medium, High, Critical | Bind to loopback when not using remote gateway. |
| openclaw_architecture.mcp_descriptor_mutation_risk_score | SkillGovernance | arxo/openclaw-mcp-descriptor-mutation-risk | high | medium | 0..1 | Good, Low, Medium, High, Critical | Pin MCP tool descriptors (descriptionHash, schemaHash, or pinDescriptors) to prevent rug pulls. |
| openclaw_architecture.memory_file_write_risk_score | SupplyChain | arxo/openclaw-memory-file-write-risk | high | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict file write access for skills. |
| openclaw_architecture.memory_injection_phrase_score | SupplyChain | arxo/openclaw-memory-injection-phrase | high | medium | 0..1 | Good, Low, Medium, High, Critical | Remove memory-injection style instructions from SKILL.md. |
| openclaw_architecture.metadata_validation_gap_score | SupplyChain | arxo/openclaw-metadata-validation-gap | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Validate skill metadata and checksums. |
| openclaw_architecture.nonexistent_official_dependency_score | SupplyChain | arxo/openclaw-nonexistent-official-dependency | high | low | 0..1 | Good, Low, Medium, High, Critical | Use official package names in prerequisites. |
| openclaw_architecture.otel_plugin_absence_score | Observability | arxo/openclaw-otel-plugin-absence | high | low | 0..1 | Good, Low, Medium, High, Critical | Enable diagnostics-otel plugin. |
| openclaw_architecture.pastebin_piping_in_skill_md_score | SupplyChain | arxo/openclaw-pastebin-piping-in-skill-md | high | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid pastebin/rentry piping in SKILL.md. |
| openclaw_architecture.plaintext_credential_storage_score | ConfigSecurity | arxo/openclaw-plaintext-credential-storage | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid storing credentials in plaintext. |
| openclaw_architecture.prerequisite_section_present_without_allowlist_score | SupplyChain | arxo/openclaw-prerequisite-section-present-without-allowlist | medium | low | 0..1 | Good, Low, Medium, High, Critical | Configure skills.prerequisiteAllowlist when using prerequisites. |
| openclaw_architecture.prompt_injection_in_skill_md_score | SupplyChain | arxo/openclaw-prompt-injection-in-skill-md | high | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid prompt injection patterns in SKILL.md. |
| openclaw_architecture.rag_knowledge_provenance_gap_score | SupplyChain | arxo/openclaw-rag-knowledge-provenance-gap | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable provenance tracking or source validation for knowledge/retrieval. |
| openclaw_architecture.rate_limit_absence_score | ConfigSecurity | arxo/openclaw-rate-limit-absence | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Configure rate limiting for tool/API calls. |
| openclaw_architecture.reasoning_trace_capture_absence_score | Observability | arxo/openclaw-reasoning-trace-capture-absence | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Configure diagnostics.reasoningTrace or chainOfThoughtCapture for decision visibility. |
| openclaw_architecture.reverse_shell_or_c2_indicator_score | SupplyChain | arxo/openclaw-reverse-shell-or-c2-indicator | critical | low | 0..1 | Good, Low, Medium, High, Critical | Remove reverse shell or C2 indicators from SKILL.md. |
| openclaw_architecture.sample_rate_misconfigured_score | Observability | arxo/openclaw-sample-rate-misconfigured | medium | low | 0..1 | Good, Low, Medium, High, Critical | Configure sample rate for diagnostics. |
| openclaw_architecture.sandbox_absence_score | SkillGovernance | arxo/openclaw-sandbox-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable sandbox for dangerous tools. |
| openclaw_architecture.self_modifying_skill_risk_score | SkillGovernance | arxo/openclaw-self-modifying-skill-risk | high | medium | 0..1 | Good, Low, Medium, High, Critical | Gate dynamic Skill.create with user content. |
| openclaw_architecture.shadow_mcp_server_score | SkillGovernance | arxo/openclaw-shadow-mcp-server | medium | medium | 0..1 | Good, Low, Medium, High, Critical | Use known MCP server sources only. |
| openclaw_architecture.signed_system_prompt_absence_score | ConfigSecurity | arxo/openclaw-signed-system-prompt-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Add system prompt signing or integrity to prevent goal hijacking. |
| openclaw_architecture.skill_allowlist_absence_score | SkillGovernance | arxo/openclaw-skill-allowlist-absence | critical | medium | 0..1 | Good, Low, Medium, High, Critical | Configure skills.allowed and/or skills.denied. |
| openclaw_architecture.skill_privilege_escalation_phrase_score | SupplyChain | arxo/openclaw-skill-privilege-escalation-phrase | high | medium | 0..1 | Good, Low, Medium, High, Critical | Remove privilege escalation instructions from SKILL.md. |
| openclaw_architecture.skill_source_integrity_score | SupplyChain | arxo/openclaw-skill-source-integrity | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use checksums or signed skill sources. |
| openclaw_architecture.skill_virus_scan_absence_score | SupplyChain | arxo/openclaw-skill-virus-scan-absence | high | medium | 0..1 | Good, Low, Medium, High, Critical | Enable virus scan for skill sources. |
| openclaw_architecture.tool_poisoning_susceptibility_score | SkillGovernance | arxo/openclaw-tool-poisoning-susceptibility | high | medium | 0..1 | Good, Low, Medium, High, Critical | Restrict MCP tools and sandbox when needed. |
| openclaw_architecture.typosquat_skill_name_score | SupplyChain | arxo/openclaw-typosquat-skill-name | high | medium | 0..1 | Good, Low, Medium, High, Critical | Use official skill names; avoid typosquatting. |
| openclaw_architecture.unpinned_mcp_server_version_score | SupplyChain | arxo/openclaw-unpinned-mcp-server-version | high | low | 0..1 | Good, Low, Medium, High, Critical | Pin MCP server version; avoid latest or *. |
| openclaw_architecture.weak_auth_token_score | ConfigSecurity | arxo/openclaw-weak-auth-token | high | low | 0..1 | Good, Low, Medium, High, Critical | Use 256-bit random token for gateway auth. |
| openclaw_architecture.windows_password_protected_zip_in_prereq_score | SupplyChain | arxo/openclaw-windows-password-protected-zip-in-prereq | high | medium | 0..1 | Good, Low, Medium, High, Critical | Avoid password-protected zip in prerequisites. |

  • Score: 0.0 = issue detected, 1.0 = healthy. Per-detector scores are combined into axis and overall health.
  • Severity: Good, Low, Medium, High, Critical (from detector MetricScore).