Skill v1.0.0

ClawScan security

Context Engine · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 6, 2026, 9:46 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly does what it says (local project/context save & restore) but contains several mismatches (hardcoded /home/deus path, no declared runtime requirement for Node, SKILL.md references storage paths not declared), so review before installing or running.
Guidance
This skill appears to implement a local project/context manager and does not show network calls or secret exfiltration in the visible code, but there are a few inconsistencies to address before installing:

- The package includes a Node CLI (scripts/context-engine.js) and SKILL.md shows 'node context-engine.js' usage, yet the manifest lists no required binaries. Verify that you will run it with a trusted Node runtime and that the platform requirement is acceptable.
- The code and SKILL.md hardcode /home/deus/.openclaw/workspace/memory/projects/ as the storage path. If your account is not 'deus', this will either fail or create files at an unexpected absolute path. Edit the script to use a relative or configurable path (e.g., derived from process.env.HOME or a skill config) before use.
- The skill writes JSON files (projects.json, session.json) and will create them if missing. Review file permissions and ownership after running (the directory and its files should be readable and writable only by the account that runs the skill) to ensure no unintended data exposure.
- The provided script was truncated in the package listing; inspect the entire scripts/context-engine.js file locally to confirm the unseen portion does not perform network requests, spawn arbitrary child processes, or access other system locations.

If you trust the author and you or your admin can (a) run the script under an appropriate user, (b) change the hardcoded path to a safe configurable path, and (c) confirm the remainder of the script has no unexpected behavior, the skill is reasonable to use. If you cannot review or change the code, run it in a sandbox or reject the installation.

Review Dimensions

Purpose & Capability
note · Name/description (manage project context across sessions) aligns with the included implementation: a Node CLI that reads/writes project/session JSON files and provides commands for save/restore/summarize/switch. However, the registry metadata declares no required config paths while SKILL.md and the code explicitly use a storage directory (/home/deus/.openclaw/workspace/memory/projects/), which is an inconsistency worth noting.
Instruction Scope
note · SKILL.md stays within scope (save/restore/summarize/switch projects) and documents where data is stored. It does instruct the agent to update long-term memory but gives no external endpoints. The instructions and code reference reading/writing local JSON files in the user's home directory, which is expected for this purpose but not declared in the manifest.
Install Mechanism
concern · There is no install spec (instruction-only), but a Node script (scripts/context-engine.js) is included and SKILL.md shows CLI usage via 'node context-engine.js'. The manifest declares no required binaries; that is inconsistent, since the skill effectively requires a Node runtime to operate. The mismatch increases risk because the runtime dependency is not declared.
Credentials
concern · The skill requests no environment variables or credentials (which is appropriate), but the implementation hardcodes an absolute path under /home/deus. Hardcoding a specific home directory is brittle and unexpected: run under any other user it will fail, or write into another account's directory tree if that path is writable. The code writes and may create files there without the manifest declaring required config paths or storage access, an unexplained footprint.
Persistence & Privilege
ok · The manifest's always flag is false and the skill does not request elevated platform privileges. Its persistence is limited to creating/updating files under the specified projects directory. It does not modify other skills' configs or declare autonomous always-on privileges.