Skill v1.0.0

ClawScan security

openclaw-relation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 1:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only, documentation skill for OpenClaw and its declared requirements and behavior are consistent with that purpose — it does not request credentials, install code, or contain hidden endpoints.
Guidance
This skill is a static documentation/reference for OpenClaw and appears coherent. Before acting on any commands shown here (for example npm install -g openclaw@latest, openclaw onboard --install-daemon, openclaw gateway --tailscale, or nodes pair), verify you trust the OpenClaw package source and the npm package owner; those commands will run software on your machine and can enable remote access features (camera, location, remote control). The skill itself does not ask for credentials or install code, but following its documented commands can have real security/privacy implications — review and confirm the official project homepage, package author, and release checksums before installing or enabling remote node pairing.

Review Dimensions

Purpose & Capability
ok
The skill name and description claim to be a complete documentation/reference for OpenClaw. The package requests no env vars, binaries, or installs, which is appropriate for a documentation-only skill.
Instruction Scope
note
SKILL.md is a documentation reference containing CLI examples and paths (e.g., ~/.openclaw/openclaw.json, ~/.openclaw/workspace/) and describes potentially sensitive functionality (node pairing, remote camera, location). The instructions do not tell the agent to read local files or exfiltrate data, but they do recommend commands that — if the user runs them — enable remote access features. Users should treat those commands as operational steps and understand their security implications before executing them.
Install Mechanism
ok
No install spec or code files are included; the skill is instruction-only, so nothing is written to disk by the skill itself.
Credentials
ok
The skill declares no required environment variables, no primary credential, and no config paths that it will access at runtime — proportional for a documentation/reference skill.
Persistence & Privilege
ok
The skill is not forced-always, is user-invocable, and allows normal autonomous invocation. It does not request persistent system modifications or access to other skills' configs.