Skill v1.0.0

ClawScan security

Ping Model · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 4, 2026, 10:22 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill mostly does what it says (measures and formats latency), but the runtime instructions and code diverge from the README: it shells out to an undeclared 'openclaw' binary and only simulates pings instead of actually switching models or measuring real model processing time.
Guidance
This skill is not outright malicious, but it's inconsistent and somewhat misleading. Before installing or using it:
1) Note that the JS script runs a shell command 'openclaw status' — ensure you have (and trust) an 'openclaw' binary on your system because the script executes it via child_process.execSync.
2) Understand the script only simulates latency using timeouts; it does not actually switch models or call model APIs to measure real model processing time despite SKILL.md claiming cross-model testing. If you need real measurements, review and modify the script to use your platform's official model-switching and timing APIs and verify it restores context safely.
3) Because the script executes shell commands, run it in a trusted or isolated environment if you do not fully trust the skill source.
4) If you expect true cross-model testing, ask the author to: declare 'openclaw' as a required binary, implement explicit model-switching and restore behavior, or document clearly that this is a demo/simulation.

Review Dimensions

Purpose & Capability
concern: The skill description promises cross-model testing and temporarily switching models, but the shipped implementation does not perform real model switching or real API calls — it simulates latencies. The script also invokes an external command ('openclaw status') to read the current model, yet 'openclaw' is not declared as a required binary in the manifest/SKILL.md metadata.
Instruction Scope
concern: SKILL.md instructs the agent to save/restore model context and to switch models for cross-model testing, implying interaction with agent/model configuration. The actual script only simulates delays (setTimeout) and does not implement switching or measuring real model response times — this is inconsistent and potentially misleading about what data will be gathered.
Install Mechanism
ok: No install spec; the skill is instruction-only plus a Node script. Nothing is downloaded or written to disk by an installer. This is the lower-risk install model.
Credentials
note: The skill requires Node (declared) and performs a child_process execSync('openclaw status ...') to probe session status, which implies needing the 'openclaw' binary or CLI context. However, 'openclaw' is not listed in the required binaries or manifest. No environment variables or credentials are requested.
Persistence & Privilege
ok: The skill does not request always:true, does not declare persistent privileges, and does not modify other skills or system config. It runs as a one-off Node script when invoked.