client-flow

The OpenClaw AgentSkills skill bundle 'client-flow' is classified as benign. The skill's instructions in SKILL.md describe a comprehensive client onboarding and project management workflow, involving legitimate operations such as creating local/cloud folders, generating documents, sending emails, scheduling meetings, and managing tasks via various external services (Google Drive, Dropbox, Google Calendar, Todoist, etc.). There is no evidence of intentional malicious behavior, data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts designed to harm the agent or user. While the skill interacts with the local filesystem and external APIs, these actions are directly aligned with its stated purpose, and any potential vulnerabilities (e.g., path traversal due to unsanitized input) would be a flaw in the agent's execution environment rather than malicious intent within the skill itself.