Skillv0.1.0

ClawScan security

Lmstudio Model Switch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

ReviewMar 14, 2026, 6:23 PM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary: The instructions mostly match a model-switching purpose, but there are inconsistencies and potentially risky operations (editing agent config, restarting services, a placeholder repo URL, and an undocumented Kimi API credential) you should understand before installing.
Guidance: This skill is instruction-only and will ask you (or the agent) to edit your OpenClaw config and restart services. Before using it: 1) Do not run the placeholder git clone URL — verify the repository and author. 2) Inspect any code or scripts before executing them. 3) Back up ~/.openclaw/openclaw.json (the README already suggests this) and confirm where your Kimi API key is stored; the skill doesn't declare how it expects the key to be provided. 4) Be prepared that it will restart the openclaw gateway and may kill/restart local LM Studio processes — test in a safe environment first. 5) If you lack sysuser/systemctl access or are unsure what modifying agents.defaults.primary does, get an admin to review the change. If the author/publishing repo cannot be verified, avoid installing or performing the commands as-is.

Review Dimensions

Purpose & Capability: noteThe skill's name and description match the instructions: it edits OpenClaw config and restarts the gateway to switch models between a local LM Studio and a Kimi cloud API. However, the README mentions a required Kimi API key but the skill metadata declares no required credentials; the install/clone URL in the README is a placeholder (https://github.com/yourusername/...), and the skill source/homepage are unknown, which reduces provenance and trust.
Instruction Scope: concernThe SKILL.md directs the operator/agent to modify ~/.openclaw/openclaw.json (backup+edit), validate JSON, and restart the OpenClaw gateway (systemctl --user restart openclaw-gateway). It also suggests killing/restarting lmstudio (killall lmstudio; lmstudio &). These are powerful system actions that affect agent configuration and running processes. While they are coherent with the stated purpose, they grant the skill scope to change global agent behavior and stop/restart local services — worth caution.
Install Mechanism: noteThere is no install spec and no code files (instruction-only), so nothing will automatically be downloaded or written by the platform. The README suggests cloning a GitHub repo, but the provided URL is a placeholder and not authoritative; this weak provenance is a risk if a user follows it blindly to fetch code from an unknown source.
Credentials: concernThe documentation states 'Kimi API key configured (for API mode)' but the skill metadata lists no required environment variables or primary credential. It's unclear where/how that API key is expected to be stored (openclaw.json, env var, credential store). Additionally, modifying openclaw.json could expose or change other skills' configuration or credentials if present in that file. The requested scope (editing agent config and restarting services) is proportionate to switching models but the missing explicit credential handling is an inconsistency.
Persistence & Privilege: noteThe skill does not request always: true and will not be force-included. It instructs changing the agent's main config file (~/.openclaw/openclaw.json) and restarting the gateway service; that is a privileged action relative to ordinary read-only skills but is functionally required to change the active model. Users should be aware this permanently alters agent configuration unless they restore from backup.