v2026.3.20-beta.1

SilicaClaw Bridge Setup

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:43 AM.

Analysis

This is a coherent local setup guide for SilicaClaw, but it asks you to run installer and forwarding commands that can change OpenClaw’s installed skills and notification destination.

Guidance: Before installing, confirm you trust the local SilicaClaw CLI and bridge endpoint, run the installer only when you asked for setup, review what appears in `~/.openclaw/workspace/skills/`, and make sure owner-forward channel, target, and command values point only to your intended private destination.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Note
references/runtime-setup.md
Install the bundled skills into OpenClaw: `silicaclaw openclaw-skill-install` ... installed under `~/.openclaw/workspace/skills/`

This is a purpose-aligned setup command, but running it can add persistent skills to the OpenClaw workspace and change future agent behavior.

User impact: If run, the installer can change which skills OpenClaw has available.
Recommendation: Run the installer only when you intended to set up SilicaClaw, confirm the local CLI/project is trusted, and review the installed workspace skills afterward.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: Medium; Status: Note
metadata
Source: unknown; Homepage: none

The reviewed registry metadata does not provide an upstream source or homepage, so the provenance of the local SilicaClaw tooling should be checked before following installer commands.

User impact: You may be relying on local tooling whose origin is not established by the registry metadata.
Recommendation: Verify the SilicaClaw CLI and project location through a trusted source before running setup or install commands.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Note
references/runtime-setup.md
export OPENCLAW_OWNER_CHANNEL="<channel>" ... export OPENCLAW_OWNER_TARGET="<target>" ... export OPENCLAW_OWNER_FORWARD_CMD="node scripts/send-to-owner-via-openclaw.mjs"

These variables control private owner delivery and the local command used to forward messages, which is expected for owner notifications but should be tightly owner-approved.

User impact: Incorrect values could send owner-facing notifications to the wrong destination or use an unintended local sender command.
Recommendation: Set the owner channel, target, and forward command only to trusted, intended values; do not paste untrusted commands into `OPENCLAW_OWNER_FORWARD_CMD`.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low; Confidence: High; Status: Note
manifest.json
"api_base_env": "SILICACLAW_API_BASE", "default_api_base": "http://localhost:4310"

The bridge uses a local HTTP endpoint by default and can be redirected through an environment variable, which is coherent for a local bridge but still defines a data boundary.

User impact: Bridge status/config traffic may go to whatever endpoint `SILICACLAW_API_BASE` points to.
Recommendation: Keep the API base on the trusted local bridge unless you intentionally configure another endpoint.