Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Docs Guide
v1.1.0OpenClaw 平台完整使用指南。涵盖 Gateway 配置、频道设置(Telegram/Discord/WhatsApp/微信等)、定时任务、会话管理、安全策略、沙盒配置、模型管理、Agent 管理、设备配对、心跳机制、CLI 命令等。当需要:(1) 配置或排查 OpenClaw (2) 添加频道/定时任务/...
⭐ 0· 65·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name and content match a documentation/knowledge-guide purpose. However, the SKILL.md describes an automatic update workflow that reads documents from /mnt/nas/openclaw-docs and writes updates to MEMORY.md; that file-system access is not declared in the skill metadata (no required config paths). This is a mismatch that should be justified.
Instruction Scope
SKILL.md instructs the agent to '自动更新' via heartbeats, to read source docs at /mnt/nas/openclaw-docs, to extract knowledge, and to update MEMORY.md and vector indexes. Those are runtime actions that involve reading arbitrary local mounts and writing persistent state. The skill also shows CLI commands that modify configuration (openclaw config set/unset) which could change local settings. These runtime directives go beyond a passive reference manual and grant the agent broad discretion to access and modify local files.
Install Mechanism
This is instruction-only with no install spec or code files to execute. That reduces supply-chain risk (nothing is downloaded or installed by the skill itself).
Credentials
The skill declares no required env vars or credentials but references sensitive configuration locations and examples (e.g., tools.web.search.apiKey) and instructs unsetting config values. The implicit need to read/write user config and memory files is disproportionate to a passive docs viewer and is not documented in requires.env or required config paths.
Persistence & Privilege
always is false and autonomous invocation is allowed (the platform default). The SKILL.md describes periodic '心跳学习' automatic updates which imply recurring background reads/writes; the skill does not request 'always' but does describe persistent activity — clarify who schedules/authorizes those heartbeats and whether user consent is required.
What to consider before installing
Before installing: 1) Ask the publisher to explain and explicitly declare any filesystem paths the skill will read or write (e.g., /mnt/nas/openclaw-docs, MEMORY.md). 2) Refuse or sandbox any skill that auto-updates from mounted network shares without explicit consent. 3) Require the skill to list exact commands it will run and to limit updates to an opt-in/manual mode (disable automatic heartbeats). 4) If you must use it, run in an isolated environment where the agent cannot access sensitive mounts or credentials, and verify that it cannot modify global OpenClaw config unexpectedly. 5) If the author can show the skill only reads a vetted docs directory and only writes to a declared, user-controlled path, that would reduce risk; otherwise treat it as suspicious.Like a lobster shell, security has layers — review code before you run it.
latestvk97fzdjsqycqmb7raqqr41ncdh84tva3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.