Meta Research
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: meta-research Version: 2.5.0 The skill is classified as suspicious due to its broad `allowed-tools` permissions, specifically `Bash` and extensive file system access (`Read`, `Write`, `Edit`, `Glob`, `Grep`). While the skill's instructions across all `.md` files are consistently aligned with its stated purpose of an 'Autonomous research workflow agent' and promote rigorous, reproducible, and ethical research practices, the inherent capability to execute arbitrary shell commands (`Bash`) and manipulate the file system presents a significant vulnerability for potential remote code execution or unauthorized file operations if the agent's prompt handling or execution environment were compromised. There is no evidence of intentional malicious behavior such as data exfiltration, backdoor installation, or obfuscation within the provided files.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may not be able to easily verify where the skill came from or compare it to an upstream project.
The package has limited provenance information. This does not show malicious behavior, and the skill is instruction-only with no install script, but users have less source context to verify authorship.
Source: unknown; Homepage: none
Verify the publisher and source if provenance matters for your environment, especially before using it on sensitive research projects.
When invoked, the assistant may edit research files, run local commands, search the web, and manage task state as part of the workflow.
The skill declares broad local file, shell, web, and task-management tools. These are expected for literature search, experiment setup, and analysis, but they are still capabilities users should supervise.
allowed-tools: Read, Write, Edit, Glob, Grep, Bash, WebSearch, WebFetch, Task, TaskCreate, TaskUpdate, TaskList, AskUserQuestion
Use it in the intended project workspace and review proposed file edits, Bash commands, expensive experiments, or publication/release actions before approving them.
Research decisions, datasets, paper notes, and literature summaries may remain in project files and be reused later.
The workflow intentionally persists decisions, research artifacts, evidence maps, and reusable resources across explorations. This is purpose-aligned, but persistent notes can retain sensitive or incorrect context.
Logbox tracking: maintain a running log of milestones ... Failed explorations stay in place ... Shared resources ... shared/literature/
Avoid putting private, identifiable, embargoed, or confidential material into shared logs unless that is intended, and periodically review archived/shared artifacts for stale or sensitive content.