catchclaw-bak
Advisory
Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or overwriting an agentar can change the user's active agent configuration and skills.
The skill exposes install modes that can create a new agent or overwrite the main OpenClaw workspace; the same section also says overwrite should not be used without explicit user selection.
$CLI install <slug> --name <name> [--api-key <key>]
$CLI install <slug> --overwrite
Use the 'new' install mode where possible, use overwrite only after explicit confirmation, and install agentars only when the slug and source are trusted.
A marketplace package could introduce new agent behavior or configuration the user did not expect.
The skill's core function is to install marketplace ZIP archives that may contain agent instructions, skills, and configuration, which can affect future agent behavior.
An agentar is a distributable agent archive (ZIP) containing workspace files such as SOUL.md, skills, and other configuration.
Prefer trusted marketplace entries, review agentar contents when possible, and avoid overwriting the main workspace unless a backup and rollback path are acceptable.
Using the skill runs bundled JavaScript locally and may invoke the local OpenClaw binary for related operations.
The bundled CLI can invoke local subprocesses, and the visible code indicates it uses spawnSync for OpenClaw CLI interaction with shell:false mitigations.
const { spawnSync } = _require("node:child_pro" + "cess");
Run this only from a trusted skill installation, and review CLI behavior before allowing install, export, or rollback operations.
An API key passed during install will persist in a credentials file for the installed agentar.
The skill may store a user-provided API key on disk for installed agentars, which is sensitive credential handling but is disclosed and optional.
--api-key <key> — (Optional) API key to save into `skills/.credentials` for agentars that require backend authentication.
Use scoped or disposable API keys where possible, only provide keys for agentars that require them, and delete or rotate keys when no longer needed.
Exporting memory could package private context or persistent instructions into a shareable archive.
The export workflow can include persistent agent memory if the user chooses that option, though the default excludes it and sensitive file patterns are described as filtered.
MEMORY.md is excluded by default... `--include-memory` — Include MEMORY.md in export (excluded by default).
Do not use --include-memory unless the user explicitly wants memory included, and inspect exported ZIPs before sharing them.
