Skill v1.0.3

ClawScan security

Web Clipper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 2:23 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and requests are consistent with a web-to-Markdown clipper that uses the Jina Reader API and writes clippings to a local Obsidian-style folder; nothing requested or installed is disproportionate to that purpose.
Guidance
This skill appears to do what it says: it will fetch remote http(s) pages you ask it to and save Markdown files under a directory in your home (~/.openclaw/obsidian-cache by default). Before installing, consider: (1) review the bundled script (already included) to confirm the save path is acceptable; (2) if you provide a JINA_API_KEY, store it in ~/.openclaw/.env and protect that file's permissions—the script only loads JINA_API_KEY and OPENCLAW_VAULT by design; (3) be aware that invoking the skill causes the agent to make outbound requests to r.jina.ai for each URL you save, so only ask it to fetch URLs you trust; (4) ensure the environment has Python and the 'requests' package; and (5) if you allow autonomous agent actions, remember the agent can execute skills you enable—this skill will fetch and save any URL the agent is instructed to clip, which is expected behavior but worth keeping in mind.

Review Dimensions

Purpose & Capability
ok: Name/description (Obsidian Markdown clipping via Jina Reader) match the included script and SKILL.md: the script fetches a URL via Jina, converts to Markdown, and writes a file into a local vault. No unrelated credentials or system-wide services are requested.
Instruction Scope
ok: SKILL.md directs execution of the bundled Python script with a URL and optional flags. The script only fetches remote http(s) URLs, converts content, and writes files into a user-scoped vault path. It does not read arbitrary system files, other skill configs, or send data to unexpected endpoints (it posts to r.jina.ai as documented).
Install Mechanism
ok: This is instruction-only with a small bundled script; there is no install/download of third-party archives. The only runtime dependency is the widely used 'requests' Python package (documented).
Credentials
note: Registry metadata lists no required env vars, but SKILL.md and the script optionally use JINA_API_KEY and OPENCLAW_VAULT loaded from ~/.openclaw/.env. The script explicitly limits loaded keys to JINA_API_KEY and OPENCLAW_VAULT, which is proportionate, but the registry could explicitly declare the optional JINA_API_KEY for clarity.
Persistence & Privilege
ok: Skill is not marked always:true and does not modify global agent settings. It writes clippings into a user-scoped directory (default ~/.openclaw/obsidian-cache) and only reads a small, documented ~/.openclaw/.env file for two allowed keys.