Skill v1.1.0

ClawScan security

Adaptive Review · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 1, 2026, 8:12 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requests and instructions are internally consistent with an adaptive code-review router; there are no hidden installs or unrelated credential requirements, but you should be aware it will send diffs to whatever review model/endpoints you configure (which may expose code/secrets).
Guidance
This skill appears coherent: it only scans your git diff and routes review work to a smaller or larger reviewer depending on the signals. Before installing or running it, consider these points:

- Data exposure: adaptive-review will send diffs to whichever model/endpoint it spawns (haiku/sonnet/opus or any configured local endpoint). If those are remote cloud models, your code (including secrets contained in diffs) will be transmitted to that provider. If your repo contains sensitive data, either use a local/self-hosted endpoint (SKILL-openclaw.md guidance) or avoid running deep reviews against cloud models.
- Secret handling: the grep intentionally targets code files and excludes .md/.json/.yaml, which reduces false positives but may miss secrets in config files. If your secrets live in config files, adjust the scan or add pre-checks to mask/remove secrets before review.
- Overrides: users can force depths (--fast/--medium/--deep). A fast review may miss architecture/security issues; the skill sensibly recommends upgrading when fast finds potential issues.
- Test first: try the skill on a non-sensitive repository to verify how your platform performs subagent/model calls and to confirm which endpoints actually receive the diff payloads.
- Endpoint/config hygiene: if you use the OpenClaw/local variant, ensure the endpoints you configure are trustworthy and that any API keys are rotated and scoped appropriately.

If you want stricter safety: restrict the skill to local/self-hosted models only, extend the grep to include config files you use for secrets, or add a preflight that blocks reviews when known secret patterns are present.

Review Dimensions

Purpose & Capability
ok · Name/description claim adaptive routing of code reviews; SKILL.md only requires git diff and greps code files, then routes to lightweight/medium/heavy reviewers. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
note · Runtime instructions are focused on collecting git diff signals and grepping code files for risk keywords, then spawning subagents/models. This is appropriate for a review router, but it does mean full diffs (and any discovered matches) will be sent to the chosen model/endpoint when a review runs, which is a privacy / data-exfiltration consideration depending on which remote models/endpoints you use.
Install Mechanism
ok · Instruction-only skill with no install spec and no code files to execute; lowest install risk. README suggests an optional git clone, but that's typical and not required by the runtime instructions.
Credentials
note · The skill declares no required env vars or credentials. The OpenClaw/local variant documents optional environment variables for local endpoints, which is appropriate for the stated purpose. There are no unexplained credential requests. You should still validate any model endpoint/API keys you provide before use.
Persistence & Privilege
ok · The always flag is false, no privileged persistence is requested, and autonomous invocation is the platform default. The skill does not attempt to modify other skills or system settings.