Skill v1.0.0
ClawScan security
Conflict Coordination · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Mar 15, 2026, 11:14 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches its description (detecting crontab/systemd/script/log issues) but it assumes undocumented platform-specific artifacts and sends reports to a hard-coded external messaging target — those mismatches are concerning and should be clarified before install.
- Guidance: Before installing or running this skill:
  1) Treat it as designed for a specific OpenClaw environment — verify /home/admin/.openclaw/workspace and scripts/task-utils.sh exist and are trustworthy.
  2) Inspect and, preferably, modify scripts/detect-conflicts.sh to: make WORKSPACE and the messaging target configurable (via env vars), remove or redact any sensitive fields from the report, and avoid hard-coded recipient IDs.
  3) Confirm what the 'openclaw message send --channel feishu' command does in your environment and whether the recipient 'user:g68578ee' is internal/trusted; if not, disable the push or change it to an approved endpoint.
  4) Run the script in a safe test environment (non-production user) to observe exactly what files and data it reads and what it posts.
  5) Ask the maintainer for explicit documentation of required runtime dependencies/credentials; if they cannot justify them, do not deploy to sensitive systems.
Review Dimensions
- Purpose & Capability: concern. The script implements the stated detection capabilities (crontab, systemd, script overlap, logs, docs). However, it assumes a specific OpenClaw runtime layout (/home/admin/.openclaw/workspace), sources task-utils.sh from that workspace, and uses an openclaw CLI call; none of those platform-specific requirements are declared in the skill metadata. That mismatch (undocumented required files/paths/CLI) is disproportionate to the SKILL.md/runtime claim of a simple detection utility.
- Instruction Scope: concern. SKILL.md instructs running the included detect-conflicts.sh, which reads the user's crontab, queries systemctl --user, enumerates files under /home/admin/.openclaw/workspace, writes a report into that workspace, and then calls 'openclaw message send' to push the report. Those actions go beyond passive checks: they access local configuration and workspace data and actively send a report to a fixed recipient. The SKILL.md does not warn users about what data will be collected or transmitted, nor does it provide configuration to change the messaging target or redact sensitive info.
- Install Mechanism: ok. No install spec (instruction-only plus a script) — nothing is downloaded or written at install time beyond the included files. This is low-risk from an installation/download perspective.
- Credentials: concern. The skill declares no required env vars or config paths, but the script depends on several environment-specific artifacts: a fixed WORKSPACE path (/home/admin/.openclaw/workspace), a sourced helper script (task-utils.sh), and an openclaw CLI capable of sending Feishu messages. It also hard-codes a Feishu recipient ('user:g68578ee'). These undeclared dependencies and the implicit use of messaging credentials are disproportionate and may leak sensitive system state if the messaging endpoint is external or untrusted.
- Persistence & Privilege: note. always:false is set and no system-wide configuration changes are requested. The script writes reports into the workspace, which is expected for a monitoring tool. However, because the skill can be invoked autonomously (the default) and its runtime triggers include cron/inotify, the combination of autonomous invocation and the hard-coded message send increases the potential blast radius if the messaging integration is misconfigured.
