Skill v1.0.4
ClawScan security
Agent Migration Pack Openclaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 13, 2026, 2:49 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose (creating agent migration packages): it provides templates, examples, and local Python scripts to validate/pack/checksum—but it deals with sensitive personal data, so inspect/redact before use and review the scripts before running.
- Guidance
- This package appears coherent for building agent migration ZIPs, but treat it like a tool that touches sensitive data:
  1) Inspect scripts/migrate.py and scripts/generate-pack.py before running: look for any network calls, uploads, or unexpected file reads; if you are not comfortable reading code, run them in an isolated environment with network disabled.
  2) Replace or redact any secrets (passwords, API keys, full contact details) before packing; the templates and guide explicitly say to redact.
  3) Confirm consent before including other people's contact info (relations.json).
  4) Run the Python scripts only after validating templates and reviewing what files they read/write; prefer running the listed commands in a sandbox or VM and compute the checksum locally.
  5) If you need automated pulling of platform data (Coze, AgentLink), prefer exporting from the platform UI or API with explicit credentials rather than letting a generic script access account stores.
  6) If you want extra assurance, request the full source of the two scripts and share them with someone who can audit for network I/O or unexpected privilege use.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the content: templates, examples, a migration guide, and scripts to validate/pack/checksum a migration bundle. Required tools (python3) and no credentials are proportional to the stated task.
- Instruction Scope
- note: SKILL.md gives step-by-step, local operations (copy templates, fill files, run scripts). It also documents where fields typically come from (e.g., USER.md, SOUL.md, AgentLink/Coze settings), which implies the agent or user should source those items, but the runtime instructions do not autonomously instruct network exfiltration. Because the pack's purpose is to collect identity/owner/memory/relations data, this inherently handles sensitive personal data and contact records; that is expected but worth noting.
- Install Mechanism
- ok: No install spec; instruction-only with two included Python scripts. No external downloads or archive extraction declared. This is low risk from an installation perspective.
- Credentials
- note: The skill requests no environment variables or credentials, which is appropriate. However, many templates and examples contain sensitive personal information (emails, contacts, business and investment details). That sensitivity is consistent with the migration purpose but requires careful handling (redact passwords/API keys and obtain contact consent as the documentation itself recommends).
- Persistence & Privilege
- ok: Skill is not always-on and does not request elevated or platform-wide privileges. It does not claim to modify other skills or system settings. Autonomy is allowed by default but not exceptional here.
