Clawzempic
Pass. Audited by ClawScan on May 1, 2026.
Overview
The skill appears to be a disclosed OpenClaw efficiency audit that reads local OpenClaw state and can run over SSH when requested, with no artifact evidence of hidden exfiltration or persistence.
This looks safe for its stated purpose, but treat it like a diagnostic tool with access to your OpenClaw state. Confirm the OpenClaw directory or remote host before running it, and review any generated report before sharing it externally.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may execute the audit script on the local machine or, if requested, on a remote host via SSH.
The skill asks the agent to run a local shell audit script and supports a remote SSH mode. This is disclosed and central to the audit purpose, but users should confirm the target before running it.
Run `bash skills/clawzembic/lean-audit.sh` (or `--remote user@claudette` for the VM)
Run it only for OpenClaw instances you intend to audit, and verify any remote hostname before approving remote use.
If remote mode is used, the script runs with whatever permissions the SSH account has on the remote OpenClaw instance.
Remote mode uses the user's existing SSH identity and permissions on the target host. This is disclosed and optional, but it is still delegated account access.
For remote instances, ensure SSH key-based auth is configured. The skill uses SSH to execute the audit remotely.
Use a least-privileged SSH account where possible and only target hosts you control or are authorized to audit.
Audit output may include details such as oversized memory files, cron job names, session bloat, or transcript sizes from the user's OpenClaw environment.
The audit examines persistent OpenClaw state, including memory/context files, sessions, cron configuration, skills, and transcript storage. This matches the stated purpose but may reveal operational or private metadata in the report.
Scans your installation and scores it across six critical categories: context injection, cron health, session bloat, config health, skill bloat, and transcript size.
Review generated reports before sharing them, especially JSON output intended for dashboards or integrations.
