Skill v0.1.0

ClawScan security

Learning System · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 12:43 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a personal learning/notes management tool: it reads and summarizes local notes/memory files and produces reports, and does not request extra credentials or perform network exfiltration.
Guidance
This skill appears to be a coherent local learning/notes manager. Before installing:
- Backup your ~/.openclaw/workspace/notes and memory directories if you want to preserve current notes, because the skill reads and may create/update files there.
- Note that 'send summary via Feishu' is mentioned in the docs but there is no Feishu integration or credentials in the package; if you want automated sending, you will need to add/configure the integration (and supply credentials) yourself.
- The skill can run in '--quick' mode which skips confirmations and will auto-create/update notes—use that carefully if you want manual review of changes.
- The scripts scan your workspace memory logs for PR/recap mentions; ensure sensitive information is not present in those logs if you run the scripts.
- The SKILL.md states it may 'load other AI/ML skills' as references — be aware that invoking other skills can expand capabilities/privileges at runtime; review those other skills before enabling automatic cross-skill loading.

Overall: functionality and required access are proportional to the stated purpose; no network exfiltration or secret access was found in the provided files.

Review Dimensions

Purpose & Capability
ok
Name/description match the behavior: scripts and SKILL.md focus on turning notes/PRs/memory logs into deep-dive notes, weekly reviews, and mastery scores. Required capabilities (reading workspace files, creating notes) are proportional and expected for this purpose.
Instruction Scope
note
Runtime instructions and scripts read files under ~/.openclaw/workspace (notes, memory, deep-dives) and create/update notes. This is coherent for a learning system, but the SKILL.md mentions sending summaries via Feishu and 'checking PR records' without providing implementation or required credentials—those steps are either manual or rely on external integrations not present in the package.
Install Mechanism
ok
No install spec; skill is instruction + local Python scripts. No remote downloads or packaged installs are invoked, so install risk is low.
Credentials
ok
The skill requests no environment variables or credentials. The scripts operate on files under the user's OpenClaw workspace (~/.openclaw/workspace). That file access is proportional to the stated purpose. There are no calls to external endpoints or hidden credential requirements in the provided code.
Persistence & Privilege
ok
always:false and no special privileges requested. The skill reads/writes user workspace files (notes, memory) which is expected for a notes/learning tool. There is mention of scheduling via cron in README (out-of-band), but the skill itself does not force persistent installation or modify other skills' configs.