Skill v1.0.0
ClawScan security
Family Grocery List · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 12:41 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requested actions and data access are consistent with a local shared grocery-list tool: it reads/writes files in a user-configured shared folder and uses per-agent memory keys; nothing requested appears unrelated to the stated purpose.
- Guidance: This skill appears coherent for a local, shared grocery list. Before installing: (1) Ensure the 'shared path' you give the skill is a safe, dedicated folder that all participants can access (avoid system directories like /etc or your home directory root). Consider creating a dedicated shared folder (e.g., /Users/Shared/grocery or a shared cloud-drive folder) and verify permissions. (2) Be aware that optional web searches (store address/hours/item availability) will send item/store names to whatever external search service the agent uses; if you want privacy, disable web search or avoid adding sensitive items. (3) Confirm that the admin you trust initializes the list and that each family member sets their per-agent name (family_grocery_user) correctly; mismatches will deny access. (4) If you need stronger safety, test the skill with a harmless test path first and review the created files (config.json, users.md, list.md, history.md).
Review Dimensions
- Purpose & Capability (ok): Name and description match the instructions: the skill manages a shared grocery list, stores, users, and history. Requested capabilities (reading/writing files in a shared path, consulting per-agent OpenClaw memory keys, optional web search for addresses/availability) are appropriate for that purpose.
- Instruction Scope (note): All runtime instructions are confined to a single user-provided shared path and agent memory keys. The skill will create directories and files under that path and will perform optional web searches to verify store addresses and availability. Two small issues: (1) a minor inconsistency: SKILL.md says 'Never ask the user for their name' while the user-connect flow elsewhere describes asking for a username when an agent hasn't saved it yet; (2) web search queries will transmit item and store names to whatever web-search facility the agent uses, which could leak shopping data to that external service. Both are in-scope for the described feature but worth being aware of.
- Install Mechanism (ok): Instruction-only skill with no install steps and no code files. There is nothing written to disk by an installer; the only writes come from the skill's own file operations into the configured shared path at runtime.
- Credentials (ok): The skill requires no environment variables, no external credentials, and uses only OpenClaw per-agent memory keys (family_grocery_user and family_grocery_path). These are proportional to the functionality described.
- Persistence & Privilege (note): The skill does persist the shared-path value into the agent's OpenClaw memory and creates/writes files under the chosen shared-path. always:false and normal autonomous invocation are used. Important user-facing risk: the admin-supplied shared path is trusted by the skill. If an admin or user points this to a sensitive location (or a symlink to one), the skill could create or modify files there. The skill's documented rule 'never read/write outside [shared-path]' relies on the shared-path being chosen safely.
