Skill v1.0.1

ClawScan security

Obsidian Openclaw Sync · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 2:04 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and runtime instructions are coherent with its stated purpose (managing symlinks between a local OpenClaw config and Obsidian iCloud vaults); it performs local filesystem operations and does not request credentials or network access, but the package has no upstream homepage/author information so exercise normal caution.
Guidance
This tool appears to do exactly what it says — locate Obsidian vaults in iCloud and manage symlinks for OpenClaw config. Before installing/running: (1) review scripts/sync_helper.py and run.sh yourself (they're included) to confirm behavior; (2) run the status command first (no changes) to verify detected vaults; (3) back up your local ~/.openclaw and any openclaw.json files before using --overwrite; (4) run the tool on a test machine or sandbox if you are unsure; (5) note there is no homepage or publisher metadata — prefer installing software from known sources or add extra scrutiny if you cannot verify the author.

Review Dimensions

Purpose & Capability
ok
Name/description match what is present in SKILL.md and the included scripts: the Python helper and wrapper bash script locate the macOS iCloud Obsidian path, enumerate vaults, inspect .obsidian/openclaw.json, report status, and create/manage symlinks. No unrelated services, credentials, or binaries are requested.
Instruction Scope
ok
SKILL.md instructs running the bundled run.sh which invokes the bundled Python script. The instructions operate on local filesystem paths (~/Library/... and ~/.openclaw) and include an explicit --overwrite option that will replace local openclaw.json with an iCloud symlink. There are no instructions to collect system-wide secrets, call external endpoints, or read unrelated configuration files. The overwrite behavior is explicit and should be used with care.
Install Mechanism
ok
No install spec is provided (instruction-only skill with bundled scripts). The runtime is the included run.sh and scripts/sync_helper.py; nothing is downloaded or installed from the network. This is the lower-risk model for distribution, but verify the bundled scripts before running.
Credentials
ok
The skill declares no required environment variables or credentials and the code does not appear to access environment secrets. It only uses standard filesystem access under the user's home directory, which is necessary for the stated purpose.
Persistence & Privilege
ok
always is false and the skill does not request elevated/system-wide persistence. It performs local file operations and symlink management scoped to the user's home directory and its own config; it does not modify other skills or global agent settings.