OpenClaw Use Case Catalog
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: openclaw-usecase-catalog
Version: 1.0.0
The skill instructs the OpenClaw agent to perform web searches, write to the local file system (`findings/YYYY-MM-DD.md`), and execute `git add`, `git commit`, and `git push` commands to a remote GitHub repository (SKILL.md). This grants the agent powerful capabilities, including arbitrary shell command execution and network access, which are high-risk. The agent is also instructed to process untrusted content from web searches, creating a significant prompt injection vulnerability that could lead to unauthorized command execution (RCE) or data exfiltration via the `git push` mechanism. The `findings/` files further illustrate the agent's expected capabilities, including SSH access, browser automation with AppleScript, and interaction with sensitive systems, highlighting the broad attack surface and potential for abuse, even if the current intent is benign.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A simple request for use-case inspiration could cause new content to be committed and pushed externally, including mistakes, private context, or untrusted web material.
This makes unreviewed new findings propagate from web research into local files and then a remote Git repository as part of the default workflow.
After each invocation that discovers new use cases, append to (or create) `findings/YYYY-MM-DD.md`... Then commit and push: `git add findings/ && git commit -m "findings: YYYY-MM-DD" && git push`
Require explicit user approval before writing findings or running `git push`; show a diff first and let the user choose the repository, branch, and visibility.
The agent may mutate a GitHub repository using the user's account authority without the user realizing that account credentials are involved.
Pushing to GitHub typically uses the user's local Git credentials or SSH keys, but the skill metadata declares no credential requirement or scope.
Git commit and push to `{github_org}/openclaw-skill-usecases`
Declare the GitHub credential requirement, use a dedicated bot or deploy key with limited repository scope, and require confirmation before any push.
A user or agent could treat this as endorsed implementation guidance for social-media automation that bypasses platform protections and risks account abuse or policy violations.
The catalog is intended as inspiration for users, and this entry explicitly presents logged-in browser automation as a way to evade platform bot-detection.
AppleScript controls real logged-in Chrome (not headless) to bypass Reddit's `navigator.webdriver=true` detection.
Remove or clearly quarantine anti-detection tactics; frame social-media automation examples around platform-approved APIs, rate limits, and human review.
Incorrect, untrusted, or sensitive material can become persistent context and influence future recommendations.
The skill builds a persistent knowledge base from web and social sources, then reuses it in later answers.
Reference the catalog below and `findings/` directory for past discoveries; Search the web for fresh examples... Save new findings to `findings/YYYY-MM-DD.md`
Label web findings as untrusted, avoid storing private user details, and review or sanitize entries before reusing or publishing them.
