Skill v1.4.2

ClawScan security

OpenClaw Shield · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 3, 2026, 1:51 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose: it only documents using the OpenClaw Shield plugin/CLI, requests the openclaw binary, has no install actions or secret requests, and explicitly constrains what the agent may read or transmit.
Guidance
This skill is a thin adapter telling the agent how to use the UPX/OpenClaw Shield plugin. Before installing/activating the underlying plugin, confirm you trust UPX and their telemetry practices: Shield captures agent activity locally and sends redacted telemetry to UPX's platform (per the SKILL.md). Review the plugin README and UPX privacy/security docs, verify how installation keys are stored and who can access them, and consider inspecting the plugin code or running it in an isolated/test environment if you need stronger assurances about redaction and data handling. If you want the agent to show raw logs, only allow that in-session and be aware raw logs may contain sensitive paths/commands/URLs.

Review Dimensions

Purpose & Capability
ok
Name/description match the requested capabilities: SKILL.md instructs only to use the OpenClaw Shield plugin and the openclaw binary. Required binary (openclaw) is appropriate and expected for this skill.
Instruction Scope
ok
Runtime instructions limit the agent to running `openclaw shield` commands, forbid reading filesystem paths or env vars for state, and prohibit sending raw logs externally; behavior stays within the stated scope. The doc does allow presenting raw log content if the user explicitly requests it in-session (a privacy-sensitive but user-driven action).
Install Mechanism
ok
Instruction-only skill with no install spec and no code files, the lowest-risk install posture. The README instructs installing the separate plugin package, which is appropriate and expected.
Credentials
ok
The skill declares no required environment variables, no credentials, and no config paths. The SKILL.md states authentication is handled by the plugin via an installation key (outside this skill), which aligns with the purpose.
Persistence & Privilege
ok
`always:false` and no special persistence. The skill is user-invocable and allows autonomous model invocation (platform default) but does not request elevated platform privileges or modify other skills.