Ask Claude Skill

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is coherent, but it should be reviewed because it runs Claude Code with permission prompts bypassed, allowing file edits or shell commands in the selected workdir.

Install only if you intentionally want your OpenClaw agent to delegate work to Claude Code with broad local project authority. Verify the wrapper script path, confirm the workdir before use, avoid sensitive projects unless necessary, and consider requiring explicit approval before file edits or shell commands.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Claude Code may modify files or run shell commands in the chosen workdir without the normal interactive permission checks.

Why it was flagged

The skill directs the agent to invoke another coding agent with file-editing and bash capabilities while explicitly bypassing Claude Code permission prompts.

Skill content

any task benefiting from Claude Code's tools (file editing, code analysis, bash, etc.) ... claude --permission-mode bypassPermissions --print

Recommendation

Use only in trusted projects. Prefer requiring explicit user approval before edits or shell commands, or remove bypassPermissions unless the user intentionally wants fully automatic Claude Code execution.

What this means

The command may fail or may execute a different local script at that path, which weakens confidence that the reviewed artifact is what actually runs.

Why it was flagged

The SKILL.md primary command calls /home/xmanel/.openclaw/workspace/run-claude.sh, but there is no install mechanism showing that the reviewed run-claude.sh will be placed at that absolute path.

Skill content

No install spec — this is an instruction-only skill.

Recommendation

Use a skill-relative wrapper path or document/install the helper deterministically; verify the local run-claude.sh contents before allowing the agent to execute it.

What this means

Delegated tasks run under the user's Claude Code authentication and whatever local access that CLI has.

Why it was flagged

The skill relies on the user's existing authenticated Claude Code CLI session/account.

Skill content

Claude Code authenticated — `claude login`

Recommendation

Confirm you are comfortable using your Claude account for these delegated tasks and keep Claude CLI credentials protected.

What this means

Sensitive project context or earlier mistakes may persist and influence later Claude Code runs when --continue is used.

Why it was flagged

The skill intentionally reuses persistent Claude Code session memory across follow-up tasks in the same workdir.

Skill content

Claude Code stores sessions per-directory in `~/.claude/projects/` ... same file context, same conversation history, same edits.

Recommendation

Use new sessions for unrelated work and clear or review Claude Code session history if sensitive or stale context should not be reused.