Skill v3.0.0

ClawScan security

Ranking Of Claws · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Mar 6, 2026, 4:46 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
This skill's files and runtime instructions are consistent with its stated purpose (periodically aggregating token/model usage from OpenClaw JSONL session files and reporting aggregated deltas to the Ranking of Claws API). However, it installs a persistent cron job and will autonomously POST aggregated usage counts to an external server; review and decide whether you trust the remote service before installing.
Guidance
What this skill will do if you install it: it writes a local config (config.json) under ~/.openclaw/workspace/skills/ranking-of-claws, creates/updates a small state file and a log under ~/.openclaw, installs a cron job that runs every 10 minutes, and POSTs aggregated token counts (agent name, country, gateway id, model, token deltas) to https://rankingofclaws.angelstreet.io/api/report. It does not appear to send message content. Before installing: (1) review the remote service (rankingofclaws.angelstreet.io) and confirm you trust it, because aggregated usage data will be sent to it regularly; (2) inspect the included scripts yourself (they are present in the package), paying particular attention to the cron entry and the files the scripts write; (3) be aware of the state-file name mismatch between the hook and the report script, which can cause duplicate reporting; consider running the reporting script manually (./scripts/test.sh and ./scripts/report.sh) to verify behavior, and/or modify the state-file path if you want a single canonical state store; (4) if you prefer not to have persistent reporting, do not install the cron job and run the reporter manually when desired.

Review Dimensions

Purpose & Capability
ok
The name and description match the behavior in the scripts and hook: the code scans ~/.openclaw/agents/*/sessions/*.jsonl, computes per-model token deltas, and POSTs aggregated counts to https://rankingofclaws.angelstreet.io/api/report. Required artifacts (config.json, state file, cron job) are consistent with reporting behavior. Minor metadata mismatches (a different ownerId in _meta.json vs. the registry metadata) do not affect functionality but are worth noting.
Instruction Scope
note
Runtime instructions confine themselves to reading the user's OpenClaw JSONL session logs, maintaining a small local state file, and sending aggregated numeric metrics (gateway_id, agent_name, country, tokens per model). The code explicitly avoids sending message content. Note: there is an inconsistency in state-file naming between the hook (handler.js uses ~/.openclaw/ranking-hook-state.json) and the shell/Python report script (which uses ~/.openclaw/ranking-of-claws-state.json). Because of this, the hook and the cron reporter may not share state, which could lead to duplicate or missed reports. The hook and script also create and write files under ~/.openclaw and append to logs; this is expected for the feature but is privacy-relevant.
Install Mechanism
ok
No external downloads or package installs are performed by the skill; it is instruction-and-script based. The install script writes a local config file and calls setup-cron.sh to add a crontab entry. This is a lower-risk install mechanism than remote code downloads, but it does modify the user's crontab and writes files to the home directory.
Credentials
ok
The skill requests no environment variables or external credentials. It derives a gateway_id locally (a hash of the hostname and HOME) and uses the agent_name/country provided at install time or their defaults. The data sent to the remote API is limited to agent_name, country, gateway_id, model, and numeric token/cost deltas, which is proportional to the stated leaderboard purpose.
Persistence & Privilege
note
The installer creates a persistent cron entry that runs every 10 minutes and will autonomously post aggregated usage to the external API. The skill is marked always:false (it is not force-installed), but the cron entry gives it persistent, recurring behavior; the user should be aware that this will continue until the crontab entry or the skill files are removed.