Back to skill
Skillv1.0.0
ClawScan security
Openclaw Troubleshooter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
ReviewMar 13, 2026, 8:09 PM
- Verdict
- Review
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions are generally coherent with a local OpenClaw troubleshooting tool, but several destructive, automatic operations (killing processes, uninstalling skills with --yes, editing configs) and minor metadata inconsistencies warrant caution before running it on a production system.
- Guidance
- This skill appears to do what it says (diagnose and repair a local OpenClaw gateway) but contains commands that can stop processes, modify configuration, and uninstall skills automatically. Before running: (1) review the full SKILL.md and both scripts line-by-line; (2) run in check-only mode first (openclaw troubleshoot --check-only) rather than any --fix commands; (3) back up openclaw.json and gateway logs; (4) avoid running uninstall commands with --yes until you manually confirm each target; (5) confirm OPENCLAW_HOME is correct for your environment (the docs show a hardcoded example path); (6) if you need higher assurance, run the diagnostics on a non-production host or inspect the scripts in a sandboxed PowerShell session. The mismatched/odd metadata fields (license variants and confirmOwnership: true) are unusual but not conclusive of malice.
Review Dimensions
- Purpose & Capability
- okThe name/description (troubleshooter) matches the actions requested: reading gateway state, configs, logs, scanning local skills, and offering fixes (restart, edit config, uninstall). No unrelated credentials, binaries, or remote endpoints are required.
- Instruction Scope
- concernThe runtime instructions explicitly read local config and log files, scan the user's skills directory, kill processes (taskkill/Get-Process + Stop-), and run uninstall commands (clawhub uninstall --yes). Those actions are within a troubleshooter's remit but are potentially destructive and should be run only after review and backup. There are also hardcoded paths/examples (C:\Users\34596\.openclaw) and truncated script fragments that make behavior uncertain.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files executed from remote URLs. This minimizes supply-chain risk because nothing is downloaded or installed by default.
- Credentials
- okThe skill requests no environment variables or external credentials. Its file/command access is limited to the OpenClaw home, gateway process/port, and local skills workspace—appropriate for a local troubleshooter.
- Persistence & Privilege
- noteThe skill does not request always:true and does not attempt to modify other skills' configs in metadata. However, its suggested commands edit openclaw.json and perform uninstall actions, which change local state and may be irreversible if run with auto-confirm (--yes).