Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill does what it claims, but it can overwrite persistent OpenClaw skill folders based on untrusted ZIP contents, without validating the target name or asking for confirmation.
Use this only with ZIP files you trust. Before installing, confirm that the archive's SKILL.md declares a normal, safe skill name, back up existing skills, and be aware that this installer can replace persistent OpenClaw skills and also writes a copy to a hard-coded Windows Desktop path.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted ZIP could cause the installer to overwrite or delete files outside the intended skill folder, or replace an existing skill without a clear safety check.
The skill name is read from the untrusted ZIP's SKILL.md and used directly to build a destination path that may be deleted and replaced. There is no validation to reject absolute paths, '..', path separators, or unsafe names.
info['name'] = name_match.group(1).strip().strip('"\'')
...
target_dir = self.wsl_skills_dir / skill_name
...
if target_dir.exists(): shutil.rmtree(target_dir)
...
shutil.copytree(skill_dir, target_dir)

Validate the skill name as a safe slug, reject absolute or parent-directory paths, resolve the final path and ensure it stays inside the intended skills directory, and ask for confirmation before overwriting.
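A hardened version of the name-to-path step quoted above, added here as an example; it is not code from the skill or from ClawScan, and the function names and the confirm_overwrite callback are assumptions:

```python
# Added example (not the skill's own code): validate the skill name as a
# slug, resolve the destination and confirm it stays inside skills_dir,
# and only overwrite an existing skill after explicit confirmation.
import re
import shutil
from pathlib import Path

# Conservative slug: starts with a letter or digit, then letters, digits,
# '-' or '_', 1-64 characters. This excludes '/', '\', '.', spaces and
# empty names, so '..', absolute paths and hidden folders cannot pass.
SAFE_SLUG = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")


def is_safe_skill_name(name: str) -> bool:
    """True only if `name` is a plain slug (see SAFE_SLUG)."""
    return SAFE_SLUG.fullmatch(name) is not None


def resolve_skill_target(skills_dir: Path, name: str) -> Path:
    """Return skills_dir/<name>, or raise ValueError if the name is unsafe
    or the resolved path leaves the skills directory. The containment
    check is defence in depth: it also catches a symlink at that name
    pointing outside the directory, which the regex alone would not."""
    if not is_safe_skill_name(name):
        raise ValueError(f"unsafe skill name: {name!r}")
    root = skills_dir.resolve()
    target = (root / name).resolve()
    target.relative_to(root)  # raises ValueError if not under root
    return target


def install_skill(skill_dir: Path, skills_dir: Path, name: str,
                  confirm_overwrite=lambda target: False) -> Path:
    """Copy skill_dir into skills_dir/<name>. An existing skill folder is
    replaced only when confirm_overwrite(target) returns True (hypothetical
    callback, e.g. an interactive prompt); otherwise the install refuses."""
    target = resolve_skill_target(skills_dir, name)
    if target.exists():
        if not confirm_overwrite(target):
            raise FileExistsError(f"refusing to overwrite {target}")
        shutil.rmtree(target)
    shutil.copytree(skill_dir, target)
    return target
```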
Installing an untrusted ZIP could add or replace agent skills that affect future agent behavior.
The skill installs arbitrary user-provided ZIP packages into the active OpenClaw skills directory and automatically overwrites existing skills, but the artifacts do not show provenance checks, signature verification, or review steps.
Provide the archive path directly ... Install to WSL2: copy to `~/.openclaw/workspace/skills/<skill-name>/` ... Overwrite install: if the skill already exists, it is overwritten automatically
Only install ZIPs from trusted sources, add a review step before installation, and avoid automatic overwrite unless the user explicitly confirms the exact skill and destination.
A mistaken or unsafe ZIP may remain installed or backed up after the current task and could affect later sessions.
The installer intentionally writes the same extracted skill into both the active WSL2 skills folder and a Windows Desktop backup folder, so a bad install can persist in multiple places.
Install to WSL2: `~/.openclaw/workspace/skills/` ... Back up to Windows: `C:\Users\yanha\Desktop\skills\`
Keep backups of existing skills, verify the installed files, and provide a clear uninstall or rollback path.
