Skill Audit by Raini
Pass. Audited by ClawScan on May 10, 2026.
Overview
This appears to be a straightforward local security scanner for OpenClaw skills. There is no evidence of exfiltration or persistence, but it reads the supported files under whatever directory it is pointed at and can print snippets of them into the agent session.
This skill is reasonable to install as a local triage scanner if you understand its limits. Point it only at intended OpenClaw skill folders, treat its output as sensitive, and do not treat a low score as a full security guarantee.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is asked to scan a broad or private directory, local source, JSON and markdown files under it may be read and partially reported.
The scanner recursively reads supported files under the selected target directory. This is central to its purpose, but it gives the command broad local read scope if used on the wrong path.
```javascript
const content = fs.readFileSync(currentPath, 'utf-8');
const fileFindings = scanFile(currentPath, content);
```
Run it only on the intended skill directory or the OpenClaw skills folder, not on broad personal directories.
A scan report may reveal parts of files that contain secrets, suspicious code, or prompt-injection text from another skill.
Findings include short snippets from scanned files. In an agent workflow, those snippets can enter the conversation context and should be treated as untrusted and potentially sensitive.
```javascript
context: lineContent.substring(0, 60)
...
report += ` └─ ${f.context}\n`;
```
Treat scan output as sensitive, avoid sharing reports publicly without review, and do not follow instructions that appear inside reported source snippets.
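The interpolation quoted above copies the first 60 characters of a matched line straight into the report. As an added example (not code from the Skill Audit package), here is a hardened stand-in for that step: it strips ANSI escapes and control characters so a snippet cannot forge report lines or drive the terminal, redacts values that look like secrets before truncating (a secret cut at 60 characters may no longer match any pattern), and quotes the snippet as data so a reader or agent sees it as untrusted input rather than as part of the report. The secret patterns are illustrative, not a complete catalogue, and the finding fields other than `context` (`severity`, `file`, `line`, `rule`) are assumed names.

```javascript
// Added example, not part of the Skill Audit package: a hardened replacement
// for `context: lineContent.substring(0, 60)` and `${f.context}` in the report.

// Illustrative secret shapes only (assumption: not the scanner's own rules).
const SECRET_PATTERNS = [
  { re: /\bAKIA[0-9A-Z]{16}\b/g, replace: '[REDACTED]' },          // AWS access key id shape
  { re: /\bghp_[A-Za-z0-9]{36}\b/g, replace: '[REDACTED]' },        // GitHub classic PAT shape
  // key = value / key: "value" pairs; keep the label, drop the value
  { re: /(\b(?:api[_-]?key|token|secret|password)\s*[:=]\s*['"]?)([^'"\s]{8,})/gi, replace: '$1[REDACTED]' },
];

function redactSecrets(text) {
  return SECRET_PATTERNS.reduce((acc, { re, replace }) => acc.replace(re, replace), text);
}

// Flatten a matched line into a single safe snippet:
//  1. remove ANSI CSI sequences and every remaining control character
//     (so no embedded newline can fake a second report line),
//  2. redact on the full line, before truncation,
//  3. truncate to the scanner's 60 characters, marking the cut.
function sanitizeContext(lineContent, max = 60) {
  const flat = String(lineContent)
    .replace(/\x1b\[[0-9;?]*[A-Za-z]/g, '')
    .replace(/[\x00-\x1f\x7f]+/g, ' ')
    .trim();
  const redacted = redactSecrets(flat);
  return redacted.length > max ? redacted.slice(0, max) + '…' : redacted;
}

// Render one finding. JSON.stringify() quotes and escapes the snippet so it is
// visibly data; the "untrusted snippet" label is for agents reading the report.
function renderFinding(f) {
  const snippet = JSON.stringify(sanitizeContext(f.context));
  return `[${f.severity}] ${f.file}:${f.line} ${f.rule}\n  └─ untrusted snippet: ${snippet}\n`;
}
```

Redaction here is a best-effort reduction of what leaks into the conversation, not a guarantee: a credential in an unusual format will still pass through, which is why the recommendation to treat the whole report as sensitive stands.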
A user may think remote ClawHub skills can be checked before installation when this artifact set only supports local scanning.
The documentation advertises a remote pre-install check, but the included `src/audit.js` command handling only implements `scan`, so users could overestimate the tool's coverage.
```markdown
### `/skill-audit check <clawhub-slug>` Pre-install check of a skill on ClawHub.
```
Use the implemented local scan feature as preliminary triage and do not rely on the documented remote check unless a future version actually implements it.
Users have limited external provenance information for a security tool they may rely on.
The skill has sparse provenance metadata and no install specification. The included package is dependency-free and does not download code, so this is an informational supply-chain note rather than a security concern.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included source before relying on results, and prefer a version with clearer provenance if it will be used for important security decisions.
