ClawSentinel

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: clawsentinel
Version: 2.3.5

The skill bundle describes a security auditing tool named ClawSentinel. Its `SKILL.md` clearly outlines its purpose as a local, read-only scanner for skill markdown and GitHub repositories, explicitly stating it fetches from `raw.githubusercontent.com` only when auditing a public GitHub repo. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection instructions designed to compromise the agent or user. The described network activity is consistent with its stated function as a GitHub repository auditor.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If you ask it to audit a GitHub repository, your agent may fetch public files from GitHub.

Why it was flagged

The skill may direct the agent to retrieve public GitHub content, but the network access is disclosed, user-directed, and coherent with repository auditing.

Skill content

Only fetches raw.githubusercontent.com when you explicitly audit a public GitHub repo

Recommendation

Use it only on repositories you intend to review, and do not assume it audits private or non-GitHub sources unless separately configured.

What this means

You have less external information to verify who maintains the skill or whether the registry entry matches an upstream project.

Why it was flagged

For a security scanner, limited source and homepage provenance makes it harder for users to verify authorship or maintenance history, though no code or install script is present.

Skill content

Source: unknown; Homepage: none

Recommendation

Prefer security tools with clear source links and version history when provenance matters.

What this means

The wording may encourage extra trust in the scanner's results or guarantees.

Why it was flagged

The skill uses strong safety/privacy guarantees and fear-oriented language; this is not malicious by itself, but users should not over-rely on the claims without independent verification.

Skill content

100% local read-only analysis ... Zero telemetry in base version ... ClawHub is infested right now.

Recommendation

Treat scan output as advisory and combine it with other review practices for important installations.