Skill v1.0.0
ClawScan security
Exposure Sentinel · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 4:34 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions are consistent with its stated purpose: it scrapes the public OpenClaw Exposure Watchboard for listed IPs and does not request unrelated credentials or hidden permissions.
- Guidance: This skill appears to do what it says: run the included Python script to check the public OpenClaw Exposure Watchboard for IPs. Before installing/running, confirm you have a compatible Python environment and install aiohttp. Be aware the script aggressively fetches thousands of pages with 50 concurrent connections; that can generate significant traffic and could be considered abusive by the target site. Consider lowering CONCURRENT_LIMIT or contacting the site owner, obey robots.txt and terms of service, and avoid running scans from sensitive networks. If you need more assurance, inspect the script yourself or run it from an isolated environment (rate-limit / proxy) to avoid accidental abuse.
Review Dimensions
- Purpose & Capability (ok): Name/description match the implementation: the Python script fetches pages from https://openclaw.allegro.earth and searches for the target IP(s). No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): SKILL.md instructs the agent to run the included script to scan the public site. The instructions do not ask the agent to read local files, environment variables, or transmit results to other endpoints. Note: the tool performs broad network requests (all pages on the site) which is consistent with the claimed full-site scan.
- Install Mechanism (note): This is an instruction-only skill with no install spec. The bundled script depends on aiohttp (and Python 3.9+ annotations); the skill does not declare or install that dependency. That is not malicious but you should ensure the runtime has the required Python packages available.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. The lack of secrets is proportionate to a public-site scraping/checking tool.
- Persistence & Privilege (ok): The skill is not always-enabled and does not modify agent/system configuration. It does not request persistent privileges or autonomy beyond normal agent invocation.
