Skill v0.1.0

ClawScan security

Viralevo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 10, 2026, 2:11 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated capabilities (automatically monitoring and self-evolving by running many scripts) do not match what is actually present in the bundle: the SKILL.md refers to many local scripts and DB files but no code files are included and the install spec is vague.
Guidance
This SKILL.md reads like the README for a full project but the skill bundle contains no code files. Before installing or enabling this skill: (1) check the GitHub homepage for the actual repository and verify it contains the referenced scripts, package.json, and install instructions; (2) do not paste your Tavily API key into ~/.openclaw/workspace/.env until you confirm where the code comes from and how it stores/secures secrets; (3) if you expect automatic weekly runs, confirm who/what will schedule them and inspect that installer (cron/systemd/scheduler) and the code that performs self‑evolution; (4) be aware better-sqlite3 may require native build tools; (5) if the published skill package doesn't include the scripts, treat it as incomplete or possibly malicious and avoid installing it. If you want, I can list exact checks to perform on the GitHub repo (files to look for, package.json fields, scripts, and any release tarballs) to decide whether to trust it.

Review Dimensions

Purpose & Capability
concern: The name/description (self‑evolving trend advisor monitoring 11 platforms) reasonably explains the need for node, python, and a Tavily API key, but the skill references many local scripts (node {baseDir}/scripts/*.js, python3 {baseDir}/scripts/*.py, db/init_db.py) and a weekly self‑evolution process that would require shipped code and scheduling. No code files are present in the bundle, so the requested binaries/credential cannot actually be used as described.
Instruction Scope
concern: Runtime instructions tell the agent to run many local scripts, to write the Tavily API key into ~/.openclaw/workspace/.env, to initialize/modify a local DB, and to collect/verify user feedback. Those operations are fine for this purpose in principle, but the instructions assume files and directories ({baseDir}/scripts, db) that are not included — this is incoherent and would cause the agent to attempt running non‑existent code or to seek external sources.
Install Mechanism
concern: Metadata lists a node install step to "Install npm dependencies (better-sqlite3, axios, dotenv)" but provides no package.json, repository tarball, or authoritative release URL to fetch code. better-sqlite3 is a native module that often requires build tools; the install spec as presented is insufficient and ambiguous, raising the risk that the agent would try to fetch or run code from an unspecified external source.
Credentials
note: Only TAVILY_API_KEY is declared as required and that aligns with the stated use of Tavily for searches. However, the SKILL.md instructs storing the API key in the agent workspace file (~/.openclaw/workspace/.env), which may be acceptable but is less secure than a secret store. No other credentials are requested, which is proportionate.
Persistence & Privilege
note: The skill does not request always:true or system‑wide changes, and autonomous invocation is the default. The bigger issue is the claim of automatic weekly self‑evolution: SKILL.md describes an automated weekly review but provides no mechanism (cron, scheduler setup, or platform integration) to run weekly jobs, which is inconsistent with the bundle content.