Expertpack Export
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: expertpack-export
Version: 1.1.0
The expertpack-export skill bundle is a legitimate utility designed to export an OpenClaw agent's knowledge into a structured 'ExpertPack' format. The included Python scripts (scan.py, distill.py, compose.py, and validate.py) perform workspace inventory, directory scaffolding, and schema validation. The bundle demonstrates a strong security posture by implementing multiple redundant checks for secrets (API keys, tokens) and explicitly instructing the AI agent to strip sensitive data and seek user confirmation before finalizing the export. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or malicious workspace/scan manifest could cause the export step to create or overwrite files in a location the user did not intend.
compose.py uses scan-manifest pack keys to form a filesystem path without visible slug validation. If the scan manifest or workspace-derived identity slug contains '../' or an absolute path, generated manifest/overview files could be written outside the intended export tree.
agent_slug = agent_packs[0]
...
composite_slug = f"{agent_slug}-full"
...
composite_dir = export / "composites" / composite_slug
composite_dir.mkdir(parents=True, exist_ok=True)
Restrict slugs to safe kebab-case basenames, reject absolute paths and '..', and verify resolved output paths remain inside the selected export directory before writing.
The exported ExpertPack may preserve sensitive personal or operational knowledge and carry it into future agent instances if imported or shared.
The scanner intentionally inventories memory files, logs, and scripts for export. This is aligned with backing up an agent, but those sources can contain private user details, operational infrastructure, and instructions that may later be reused as agent context.
for f in sorted(memory_dir.glob("*.md")):
...
logs_dir = ws / "logs"
...
for md_file in logs_dir.rglob("*.md"):
...
scripts_dir = ws / "scripts"
Review the scan manifest and generated pack files carefully, keep user-specific content private, manually check for secrets beyond pattern-based validation, and only share the export with trusted recipients.
