openclaw-aws-deploy
Deploys OpenClaw on AWS with a single command, creating necessary infrastructure and ensuring secure access without SSH.
Install this skill
or
68/100
Security score
The openclaw-aws-deploy skill was audited on Mar 3, 2026 and we found 8 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 211
Access to hidden dotfiles in home directory
SourceSKILL.md
| 211 | Create at `~/.openclaw/agents/main/agent/auth-profiles.json` |
medium line 21
Access to .env file
SourceSKILL.md
| 21 | - `.env.aws` file in workspace root or skill directory (optional): |
medium line 28
Access to .env file
SourceSKILL.md
| 28 | - `.env.starfish` in workspace root (recommended) or skill directory: |
low line 91
Access to .env file
SourceSKILL.md
| 91 | # Gemini Flash (needs GEMINI_API_KEY in .env.starfish) |
medium line 112
Access to .env file
SourceSKILL.md
| 112 | If `GEMINI_API_KEY` is present in `.env.starfish`, it's stored in SSM and written to `auth-profiles.json`. If absent, it's simply skipped — no error. |
medium line 114
Access to .env file
SourceSKILL.md
| 114 | ### `.env.starfish` |
medium line 253
Access to .env file
SourceSKILL.md
| 253 | **Fix:** Add `TELEGRAM_USER_ID` to `.env.starfish` for auto-pairing, or use `--pair-user <id>`. Manual: `openclaw pairing approve telegram <CODE>` via SSM. |
low line 236
External URL reference
SourceSKILL.md
| 236 | "providers": {"amazon-bedrock": {"baseUrl": "https://bedrock-runtime.us-east-1.amazonaws.com", "api": "bedrock-converse-stream", "auth": "aws-sdk", "models": [{"id": "minimax.minimax-m2.1", "name": "M |
Scanned on Mar 3, 2026
View Security Dashboard