Skill v0.4.1
ClawScan security
Clawnexus · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 6:32 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions are coherent with its stated purpose: it talks to a local ClawNexus daemon over HTTP to discover and manage OpenClaw instances and does not ask for unrelated credentials or system access.
- Guidance: This skill is coherent with its purpose, but before installing or running it: 1) only run the npm package (npm install -g clawnexus) if you trust the upstream project (check the GitHub repo and npm package contents/release history); 2) be aware the ClawNexus daemon will scan your local network for agents and persist discovered entries to ~/.clawnexus/registry.json, so consider privacy and firewall rules; 3) SKILL.md commands call localhost (http://localhost:17890) by design, and if that daemon is not running the commands will fail; and 4) resolving .claw names may contact external registries, so expect occasional internet traffic if you use that feature.
Review Dimensions
- Purpose & Capability (ok): Name, description, and commands all revolve around a local ClawNexus daemon and OpenClaw instance discovery. Required binary (curl) and the npm package recommendation align with the described functionality.
- Instruction Scope (ok): SKILL.md only instructs the agent to call localhost endpoints (http://localhost:17890) and, optionally, the daemon's resolve API which may use the internet. It does not direct reading arbitrary files or environment variables beyond the daemon's API. It does mention that the daemon persists registry to ~/.clawnexus/registry.json but does not instruct the agent to read that file.
- Install Mechanism (note): The skill is instruction-only (no install spec). The doc recommends installing the clawnexus npm package (npm install -g clawnexus). This is consistent with the daemon-based design but implies you should trust the npm package/repo before installing.
- Credentials (ok): No environment variables, credentials, or unrelated config paths are requested by the skill. The scope of access (local HTTP API and optional internet resolution) is proportional to the purpose.
- Persistence & Privilege (ok): Skill is not always-enabled and does not request system-wide or cross-skill configuration changes. The daemon itself persists a registry file (~/.clawnexus/registry.json), which is a normal behavior for a local service of this type.
