Back to skill
Skillv0.1.0
ClawScan security
Agent Control · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 9, 2026, 6:07 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files and instructions are consistent with managing OpenClaw agents via the OpenClaw CLI; nothing requests unrelated secrets or installs arbitrary code, though there are small mismatches between the prose and the helper script that the user should be aware of.
- Guidance
- This skill appears to do what it claims: it translates short chat commands into openclaw CLI operations and ships a small helper script that runs those CLI commands. Before installing, confirm you trust the local openclaw binary (the skill will invoke it), and ensure the agent prompts the user for explicit confirmation before performing deletions because the helper script will execute a delete when invoked. Note that the SKILL.md documents an "identity" command that the provided script does not implement — if you need that feature, ask the author for clarification or patch the helper. If you allow autonomous invocation, be comfortable with the agent being able to run your openclaw CLI on your behalf.
Review Dimensions
- Purpose & Capability
- okName/description map to the actions implemented: the SKILL.md maps short chat commands to OpenClaw CLI agent operations and the included helper script invokes the OpenClaw CLI. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- noteSKILL.md stays narrowly focused on running OpenClaw CLI commands and safety rules (confirm deletes, don't run unrelated shell commands). Two minor inconsistencies: (1) SKILL.md documents an "agent identity" command and avatar handling, but the included scripts/example.py does not implement an identity subcommand; (2) SKILL.md requires explicit confirmation before running destructive delete operations, but the helper script will run openclaw agents delete if invoked — the expectation is the agent must prompt before calling the script.
- Install Mechanism
- okNo install spec and no external downloads. This is instruction-only plus a small local helper script (no extracted archives or third-party packages). Lowest-risk install profile.
- Credentials
- okNo environment variables, credentials, or external endpoints are requested. The script uses the user's home directory for default workspaces (~/clawd/agents/<name>), which is reasonable for an agent-management tool.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-wide modifications. The helper script only invokes the OpenClaw CLI and prints structured results; it does not modify other skills or agent settings itself.