Skillv1.0.0

ClawScan security

Doppleganger · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 27, 2026, 1:07 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally consistent: it simply calls a local subagent-tracker script to detect duplicate tasks and does not request extra credentials, perform network I/O, or install arbitrary code.
Guidance: This skill is coherent and low-risk but depends on the local subagent-tracker script: before installing, verify that subagent-tracker/scripts/subagent_tracker.py exists in your workspace and review that script's behavior since Doppleganger executes it via subprocess. Also confirm OPENCLAW_HOME points to the intended workspace (or rely on the fallback path). If the tracker script is untrusted or located in a writable/untrusted path, an attacker could swap it to alter behavior.

Purpose & Capability: okName, description, SKILL.md, README, config, and the Python script all align: the skill's sole purpose is to check for duplicate subagent tasks by delegating to the subagent-tracker.
Instruction Scope: okRuntime instructions and the script stay within scope: they run a local tracker script with a task string and return JSON or exit codes. They do not read unrelated system files, request network endpoints, or exfiltrate data.
Install Mechanism: okThis is an instruction-only skill with no install spec; it includes a small local Python script and relies on an existing subagent-tracker script. No remote downloads or archive extraction occur.
Credentials: okNo environment variables, credentials, or config paths are required. The script uses OPENCLAW_HOME (defaulting to ~/.openclaw) to locate the tracker—this is proportional to its need to find the collaborator script.
Persistence & Privilege: okThe skill does not request permanent/always-on presence, does not modify other skills, and does not change system-wide settings. It simply executes as invoked.