Skill v1.0.4

ClawScan security

Loop Engine — Governed Loops for OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 17, 2026, 4:30 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally coherent: it wires Loop Engine governance into OpenClaw, includes optional provider-backed examples that require provider API keys, and does not request unexplained credentials or install unknown binaries.
Guidance
This skill appears to do what it says: govern OpenClaw workflows and optionally call third‑party LLMs if you install and configure provider adapters. Before using it: (1) only enable provider-backed adapters if you are comfortable sending the evidence/prompt context to that provider — redact or tokenize PII/PHI/credentials first; (2) verify the npm packages and their maintainers (check the referenced GitHub canonical repo and the @loop-engine packages on npm) to ensure you trust the source; (3) do not paste real sensitive production data into the example scripts or run provider-backed examples with real API keys until you audit retention/training policies of the provider; (4) if you want purely local governance, run the local-mode examples (they do not make network calls). If you need higher assurance, ask for the upstream repository commit hashes or a signed release to validate provenance.

Review Dimensions

Purpose & Capability
ok
Name/description match the shipped artifacts: examples and SKILL.md implement Loop Engine governance for OpenClaw and include provider-backed adapters where explicitly documented. The files only require LLM API keys for the provider-backed examples, which is proportional to the described functionality.
Instruction Scope
note
SKILL.md and example code clearly distinguish local (no external calls) vs provider-backed modes. Provider-backed examples will send prompt/evidence context to third‑party LLM providers (OpenAI, Anthropic, xAI, Google Gemini) when you install and configure those adapters — this is expected behavior but has data-exposure implications; the documentation repeatedly warns to redact sensitive data.
Install Mechanism
ok
This is instruction-only (no automatic installer). The documented install steps use npm packages from public registries (moderate risk typical for Node examples). There are no downloads from untrusted URLs or extract/install steps embedded in the skill bundle.
Credentials
ok
No global required environment variables are declared; examples require provider keys only when using provider-backed adapters (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY, GOOGLE_AI_API_KEY). Those requests are proportional to doing LLM calls. No unrelated secrets or system config paths are requested.
Persistence & Privilege
ok
Flags show no forced 'always' installation and autonomous invocation is the platform default. The skill does not request system-wide configuration changes or extra privileges in its files.