Skill v1.0.0
ClawScan security
Claw Canvas · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 26, 2026, 1:05 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is a small, coherent wrapper that sends content to OpenClaw's canvas API; it asks for no credentials or installs and contains only minor documentation/implementation mismatches.
- Guidance: This appears to be a small, legitimate helper that forwards content to the agent's canvas API. Before installing: (1) verify what openclaw.default_api.canvas does in your runtime (does it store, forward, or expose canvas contents externally?), (2) note that the SKILL.md advertises image/progress features that the included script does not implement — if you need those, request or inspect an updated implementation, (3) test the CLI in a safe environment to confirm behavior and output destinations, and (4) if you are concerned about sensitive content being shown, avoid sending secrets to the canvas and confirm any viewers/servers that can access canvas contents.
Review Dimensions
- Purpose & Capability (note): The name/description match the code: the CLI sends markdown to openclaw.default_api.canvas to present content. However SKILL.md advertises additional features (display_image, progress, snapshot, interactive thinking) that are not implemented in scripts/canvas_cli.py (only display_markdown exists). This is an inconsistency but not evidence of malicious behavior.
- Instruction Scope (note): Runtime instructions are narrowly scoped to invoking the CLI to display content. The SKILL.md examples include an image-display command that the included CLI does not implement; otherwise the instructions do not request files, credentials, or unrelated system data. The CLI calls default_api.canvas — review what that API does in your runtime because the script delegates output handling to it.
- Install Mechanism (ok): No install spec and only a small Python script are included. Nothing is downloaded or written during install by this package itself.
- Credentials (ok): No environment variables, credentials, or config paths are required. The only dependency is the presence of an openclaw.default_api object at runtime (expected for an OpenClaw skill).
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills or global configuration, and has no install-time persistence instructions.
