v1.0.0

New Agent Setup

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

This setup skill is coherent, but it needs review because it handles Discord bot credentials, changes core OpenClaw configuration, creates persistent cron-based agent activity, and grants optional OneDrive access while the registry declares no credentials or config requirements.

Guidance: Review this skill before installing or invoking it. It appears designed for legitimate new-agent onboarding, but it should only be used by someone comfortable letting an agent edit OpenClaw configuration, handle a Discord bot token, create scheduled cron activity, and optionally link cloud-synced OneDrive folders.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Backup `openclaw.json` ... Add agent ... Add Discord account + channel routing + agent routing ... Gateway restart ... `mc register <agent-id>`

The instructions authorize direct edits to core OpenClaw routing/configuration and service restart/register operations, which can affect the broader agent environment.

User impact: A mistake or overly broad execution could disrupt existing agents, Discord routing, or the OpenClaw gateway.
Recommendation: Require an explicit user-approved diff before changing openclaw.json, keep backups, document rollback steps, and avoid running gateway or registration commands unless the user confirms the exact agent details.

Rogue Agents
Severity: High | Confidence: High | Status: Concern
references/checklist.md
(crontab -l; echo "<minute>,<minute+10>,...  * * * * MC_AGENT=<agent-id> ~/.openclaw/skills/mission-control/mc checkin >> ~/.openclaw/logs/mc-checkin.log 2>&1") | crontab -

The skill creates a persistent scheduled job for the new agent, and the HEARTBEAT workflow also tells the agent to claim and work on pending tasks.

User impact: The new agent may continue checking in and acting on tasks on a schedule after the initial setup is complete.
Recommendation: Make the cron schedule, owner, task scope, and disable/removal procedure explicit before installation; avoid creating persistent jobs unless the user approves them.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
references/checklist.md
"channels.discord.accounts": { "<agent-id>": { "token": "<bot-token>" } }

The skill instructs the agent to collect and persist a Discord bot token in OpenClaw configuration, even though the registry metadata declares no primary credential or required environment/config paths.

User impact: Installing and invoking this skill may cause an agent to handle a real Discord bot credential and grant that bot access to server channels.
Recommendation: Only use this if you expect the agent to manage Discord bot credentials; declare the credential requirement, use least-privilege bot permissions, protect the config file, and rotate the token if it may have been exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
references/checklist.md
ln -sf ~/.openclaw/onedrive/<library> ~/.openclaw/workspace-<agent-id>/onedrive/<library>

The optional OneDrive setup links a shared cloud-synced library into the new agent workspace, creating a data boundary between the agent workspace and cloud-visible files.

User impact: If enabled, the new agent can access and create files in the selected OneDrive-backed library, and those files may sync to Tom's laptop.
Recommendation: Approve OneDrive access only for specific libraries, avoid linking sensitive folders, and verify the new agent has only the intended cloud-synced access.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
references/checklist.md
Datei: `~/.openclaw/workspace-<agent-id>/MEMORY.md` ... Format: `<agent-id>=`agent:<agent-id>:discord:channel:<channel-id>``

The skill creates persistent memory and stores a session routing key for future use by the new agent.

User impact: Future agent sessions may rely on persistent memory content and routing pointers created during setup.
Recommendation: Keep MEMORY.md limited to non-secret pointers, review it periodically, and do not store tokens, private project details, or untrusted instructions there.