v1.4.1

ExpertPack

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:24 AM.

Analysis

This instruction-only skill is coherent and purpose-aligned, but users should review the packs they index and any optional companion tools before use.

Guidance: This appears safe to install as an instruction-only ExpertPack guide. Before using it, review any ExpertPack contents you load, avoid putting secrets or raw private state in packs, keep RAG paths narrowly scoped, and separately vet any companion tools or MCP servers you choose to install.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
SKILL.md
For CLI tooling ... use `expertpack-cli` ... For exporting ... use `expertpack-export` ... For serving a pack as an MCP endpoint ... see EP MCP

The installed skill is instruction-only, but it recommends optional companion packages and an MCP server outside the provided artifacts. Those are purpose-aligned, but they would introduce additional code and integration surface if installed.

User impact: Installing companion tools could add capabilities not present in this reviewed package.
Recommendation: Review each companion skill, GitHub repository, and Obsidian plugin separately before installing or granting it access to local packs.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
references/consumption.md
Add pack to `memorySearch.extraPaths` in `openclaw.json` ... Tier 1 (Always): Include in every prompt as system context

The skill intentionally makes ExpertPack files available through RAG and prompt context. This is central to the purpose, but pack contents can influence future answers and may include private knowledge if the user stores it there.

User impact: Sensitive or untrusted pack content could be reused in later agent responses or affect the agent’s behavior.
Recommendation: Use trusted packs, inspect Tier 1 files before loading them, keep secrets out of packs, and scope `memorySearch.extraPaths` only to the intended pack directory.