ClawHub
Back to skill
Skillv3.3.5

Static analysis security

Openclaw Skill · Deterministic local checks for risky code patterns and metadata mismatches.

Scanner verdict

ReviewApr 30, 2026, 4:59 AM
Summary
Detected: suspicious.env_credential_access, suspicious.prompt_injection_instructions
Reason codes
suspicious.env_credential_accesssuspicious.prompt_injection_instructions
Engine
v2.4.5

Evidence

criticalexamples/create-conversation.ts:28
Environment variable access combined with network send.
suspicious.env_credential_access
criticalexamples/hiring.ts:173
Environment variable access combined with network send.
suspicious.env_credential_access
criticalexamples/manage-credentials.ts:19
Environment variable access combined with network send.
suspicious.env_credential_access
criticalexamples/standing-queries.ts:598
Environment variable access combined with network send.
suspicious.env_credential_access
warnTOKENOMICS.md:218
Prompt-injection style instruction pattern detected.
suspicious.prompt_injection_instructions