Skill v0.1.0

ClawScan security

CLI-Anything for OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 2:51 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only methodology skill that is internally consistent with its stated purpose (building, refining, and testing CLI harnesses) and does not request unexplained credentials or installs.
Guidance
This skill is a coherent methodology pack: it tells the agent how to analyze, build, refine, test, and validate CLI harnesses for GUI apps. Before installing or running it, be aware that using the skill will typically cause the agent to: clone or read source repositories you provide, inspect local files (setup.py, tests, HARNESS.md), run test suites (pytest), and invoke local/external executables found on the host (via subprocess). Those actions can modify files, create artifacts, or trigger installed software; they do not require any secrets from you. If you do not fully trust the target repository or want to limit risk, run the skill in a sandboxed environment or provide a read-only copy of the repo and review proposed command lists/changes before allowing execution.
Findings
[no_code_files_to_scan] expected: The regex-based scanner found no code files because this is an instruction-only skill composed of SKILL.md and reference Markdown files. That is expected for a methodology-only skill.

Review Dimensions

Purpose & Capability
ok: The name/description and the SKILL.md consistently describe a methodology for building/refining/testing CLI harnesses. No unrelated environment variables, binaries, or install steps are required, which is proportional for an instruction-only methodology skill.
Instruction Scope
note: The runtime instructions direct the agent to clone repositories, read source files (setup.py, HARNESS.md, tests, etc.), run pytest, and invoke local backends via subprocess (shutil.which/subprocess.run). This is coherent for the stated purpose but means the agent will access the local filesystem and may execute local binaries when invoked; the user should be aware that the agent may run commands and test suites against the provided codebase.
Install Mechanism
ok: No install spec and no code files to execute are provided by the skill. That lowers disk-write and supply-chain risk; all behavior is driven by textual instructions and references packaged with the skill.
Credentials
ok: The skill does not request environment variables, credentials, or config paths. It does mention an optional test-time env var (CLI_ANYTHING_FORCE_INSTALLED) in the reference docs but does not require secrets; the env usage is justified by the testing workflow.
Persistence & Privilege
ok: The always setting is false and there is no instruction to modify other skills or global agent settings. The skill is user-invocable and can be run autonomously by the agent (platform default), which is expected for this type of methodology skill.