Skill v1.0.0

ClawScan security

Xinqing Journal · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 6:44 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a local, privacy-focused Chinese mood-journal tool; nothing in the provided files indicates network exfiltration or unrelated credential access, but the submitted sources were truncated, so a full audit is recommended before trusting it with sensitive data.
Guidance
This skill appears to do what it says: local journaling, simple NLP keyword matching, and JSON reports. No network calls or secret requirements were found in the provided files. However, there are two caveats before installing: 1) The code shown in the submission was truncated, so review the full scripts (scripts/journal.py and scripts/mood-report.py) to confirm there are no hidden network calls or unexpected file accesses in the omitted portions. 2) Data is stored in cleartext under ~/.openclaw/workspace/data/journal/entries.json; if your entries include highly sensitive information, consider encrypting the data file, restricting filesystem access, or keeping backups. Minor non-security notes: the code attempts to chmod files (which may be a no-op on some systems), and there are small parsing/keyword edge cases (e.g., whitespace in a keyword in assets) that affect accuracy but not safety.

Review Dimensions

Purpose & Capability
ok
Name/description (local mood journal, Chinese NLP, reports) align with requested resources and code: no external credentials, no network calls, data stored under ~/.openclaw/workspace/data/journal, and scripts implement diary CRUD and reporting. Required dependencies declared (Python 3.9+) match the provided Python-only implementation.
Instruction Scope
ok
SKILL.md instructs CLI usage of the included scripts and documents the local JSON storage path. The code reads/writes only the journal JSON and the local assets/moods.json; it does not reference other system config, credentials, or remote endpoints in the supplied portions.
Install Mechanism
ok
No install spec and no external packages are required (standard library only). The skill is instruction-only with Python scripts included, so nothing is downloaded or executed from external URLs during install.
Credentials
ok
No environment variables, credentials, or unrelated config paths are requested. The only filesystem access is to a single user-local data directory (~/.openclaw/workspace/data/journal) and to the bundled assets/moods.json, which is proportionate to the stated purpose.
Persistence & Privilege
ok
The skill does not request persistent platform privileges (always:false) and does not attempt to modify other skills or system settings in the provided code. It stores its own data under a dedicated workspace path.