Back to skill
Skillv1.0.0
ClawScan security
OpenClaw Skill Lazy Loader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 28, 2026, 1:56 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements are coherent with its stated purpose (index-based lazy loading of skill/context files) and do not request unrelated credentials or install anything risky.
- Guidance
- This skill is internally consistent and appears to do what it says: provide a catalog pattern and a local Python helper that recommends which skill files to load. Before installing, review the SKILLS.md you create and the individual SKILL.md files it points to (those files are what your agent will later load and act upon). Confirm the .clawhubsafe hashes if you need provenance assurance and be aware that lazy loading reduces token costs but does not reduce the need to trust the actual per-skill SKILL.md contents the agent may load later.
Review Dimensions
- Purpose & Capability
- okName/description describe a lazy-loading pattern and a small local helper. The package contains only documentation and a single Python helper that reads a local SKILLS.md and scores a task against keyword tables — nothing in the bundle requires network access, elevated privileges, or unrelated credentials.
- Instruction Scope
- okSKILL.md instructs agents to load a lightweight SKILLS.md at startup and load individual SKILL.md files on demand. The instructions only reference local files (SKILLS.md, per-skill SKILL.md, memory files). This stays inside the stated purpose. Note: the pattern intentionally defers reading other SKILL.md files to later — you should still audit those downstream SKILL.md files because lazy loading just delays when potentially dangerous instructions would be read/executed.
- Install Mechanism
- okNo install spec is provided; this is instruction-only plus a small CLI script. No downloads, no archive extraction, and no third-party packages are installed by the skill itself.
- Credentials
- okThe skill declares no required environment variables, no credentials, and no config paths. The Python helper uses only stdlib and command-line args. There are no disproportionate secret requests.
- Persistence & Privilege
- okThe skill does not request permanent presence (always:false) and does not modify other skills or system config. It does recommend copying templates into your workspace, but that is a user-driven file operation — the skill itself does not write files or alter agent config.