Clawhub Upload
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to run fixed local macOS security checks without exfiltration or persistence, but its permissions and marketing claims deserve user awareness.
This skill looks safe to review as a local macOS security-check helper, but install it only if you trust the npm/package source and are comfortable granting local command execution permissions. Do not assume it provides the advertised 52+ checks or real app blocking; the included code implements a small set of read-only checks and an upsell for blocking.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can run local system inspection commands and return information about your device's security state to the OpenClaw conversation.
The skill executes local shell commands to inspect camera, microphone, firewall, VPN, ports, and Wi-Fi state. The commands are fixed rather than user-controlled, and this is aligned with the stated monitoring purpose.
const execAsync = promisify(exec); ... await execAsync('lsof 2>/dev/null | grep -i "VDCAssistant\\|camera" | grep -v grep || true')Use it only if you are comfortable allowing a skill to run local macOS diagnostic commands; review prompts before allowing broader or unrelated command execution.
If granted by OpenClaw, these permissions give the skill meaningful local inspection authority beyond simple text-only responses.
The skill declares broad local execution, file-read, and network permissions. These are disclosed and plausible for a security-monitoring skill, although the included implementation mainly uses exec and does not show external network transmission.
"permissions": [ "exec", "fs.read", "network" ]
Grant permissions only if you trust the package source, and prefer platform prompts or policy controls that limit execution and file access to the documented security checks.
A user may overestimate what this skill can actually do or rely on it for protection it does not provide.
The documentation advertises many more tasks and a working app-blocking/removal flow, while the included source exports only seven commands and the blockApp function returns a Pro upsell instead of removing an app.
MaclawPro Security brings **52+ professional macOS security tasks** ... User: /block-app Malware ... MaclawPro: 🚨 BLOCKED Malware.app moved to Trash
Treat the advertised 52+ tasks and blocking examples as marketing unless the missing functionality is separately verified; do not rely on this skill as a complete security product.