Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawzempic

v1.0.0

Lighthouse-style efficiency audit for OpenClaw. Scores your instance A+ to F across 6 categories (context injection, cron health, session bloat, config, skil...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match the implementation: scripts scan .openclaw workspace, agents, and cron stores to produce an efficiency score. Required binary (python3) and declared zero-deps are consistent with the Python stdlib implementation.
Instruction Scope
SKILL.md and the scripts instruct the agent to read files under the OpenClaw install (workspace files, agent session stores, cron job JSON, transcripts). That is necessary for an audit, but these files can contain sensitive data (transcripts, session content). The remote mode streams the audit script over SSH and executes it on the target, which is expected for remote auditing but means the script will run with the remote user's privileges and have full read access to the target .openclaw directory.
Install Mechanism
No installation step or third-party downloads. The skill is instruction-first with bundled scripts; nothing writes or fetches code from external URLs during install.
Credentials
No environment variables or credentials are required. The script optionally respects OPENCLAW_DIR to target a custom path. There are no requests for unrelated cloud/API keys or system secrets in the provided code.
Persistence & Privilege
always: false is set, and there is no evidence of the skill modifying other skills or system-wide agent settings. However, the tool exposes a --fix mode (passed from the bash wrapper to the Python script) that may perform remediation; the README claims fixes require confirmation, but the wrapper simply forwards the flag. Confirm how --fix behaves (dry-run vs. destructive) before running it, especially on production instances.
Assessment
This skill appears to do what it claims: auditing OpenClaw directories and optionally running on a remote host via SSH. Before installing or running it on production data:
1) Review the remainder of lean-report.py (the audit logic beyond the truncation) to confirm there are no network calls, hidden endpoints, or code that exfiltrates files.
2) Test in a staging environment and run with --json or a dry-run to inspect outputs before using --fix.
3) If you use --remote, only SSH into hosts you control, and understand that the script will run with the remote user's privileges.
4) Back up important transcripts/config before applying any automated fixes.
If you want higher assurance, ask the publisher for a provenance/source URL or sign-off; the README references ClawHub but the skill metadata/homepage is missing.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9780xz33k2byx7j3trrqr5jzh81m68z


Runtime requirements

💊 Clawdis: any
Required binary: python3
