Skill v1.0.0

ClawScan security

Acp Adapter Layer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 3:04 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are coherent with its stated purpose as an ACP↔ASF adapter and do not request unrelated credentials, installs, or surprising privileges.
Guidance
This skill appears to be what it says: an adapter for ACP↔ASF integration. It does not request credentials or perform network calls to remote hosts by default (it references a local WebSocket gateway). Before deploying in production, review whether you will point the gateway client at a remote server — that would require secure credentials and network controls. Also note the OpenClaw client currently uses a placeholder token; if you wire this to a real gateway, provide and protect appropriate credentials and review any network endpoints the adapter will contact.

Review Dimensions

Purpose & Capability
ok: Name and description claim an ACP adapter; code implements an ACP parser, session manager, tool converter, and a local OpenClaw gateway client. Required resources (none) match the adapter role — nothing asks for unrelated cloud or system credentials.
Instruction Scope
ok: SKILL.md and included code focus on parsing ACP messages, session lifecycle, and mapping tools; they reference a local gateway (ws://127.0.0.1:18789) which is consistent with bridging to a local OpenClaw gateway. There are no instructions to read arbitrary host files, exfiltrate data, or call external endpoints beyond the documented local gateway.
Install Mechanism
ok: No install spec is present (instruction-only behavior), so nothing is downloaded or written to disk by the install process. This is low-risk and proportional for a library/adapter.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. The implementation uses a hard-coded local gateway URL and a placeholder 'token' value in the client constructor; it does not request or access sensitive environment secrets.
Persistence & Privilege
ok: 'always' is false and the skill does not request elevated platform privileges or modify other skills' configs. It does not persist or demand system-wide presence beyond its own code.