Skill v1.0.1

ClawScan security

Exec Truncate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 8, 2026, 11:04 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions align with its stated purpose (truncating/condensing exec output) and request no extraneous credentials or installs, though there are minor inconsistencies and an incomplete source snippet that limit full verification.
Guidance
This skill appears to do what it claims: condense/trim large exec outputs. Before installing or enabling it as a plugin, (1) confirm which runtime you use (Node vs Deno) because examples and code use mixed globals and may need slight adjustments; (2) review the full mod.ts (the provided snippet was truncated) to ensure there are no hidden network calls or file writes; (3) remember that if you wire this into OpenClaw's exec hook it will receive the raw output of commands — avoid running commands that emit secrets (tokens, private files) or review policies about which outputs are routed to plugins; (4) if you plan to install the plugin, inspect the plugin manifest (openclaw.plugin.json) and any install scripts that would be executed on install/restart.

Review Dimensions

Purpose & Capability
note: The name/description match the code: truncation functions for git diff/log, grep, ls, and build output and a FilteredExecutor to wrap exec calls. Minor inconsistencies: examples show Deno.Command usage in SKILL.md while core code uses Node-style globals (process.cwd(), process.env.HOME), and README claims plugin wiring into OpenClaw hooks although the SKILL.md explicitly states this distribution is standalone. These are likely implementation/platform variations but worth confirming for your runtime environment.
Instruction Scope
ok: SKILL.md limits runtime behavior to string-processing of command output and to wrapping exec functions; it does not instruct reading unrelated files, contacting external endpoints, or accessing unrelated credentials. The documented fail-safe returns raw output on errors. It does reference optional wrapper scripts and a hook integration, which are consistent with the skill's goal.
Install Mechanism
ok: No install spec is declared (instruction-only), so nothing will be pulled or executed at install time by the registry. The package includes source files but no automated download/install steps in the metadata. This is low install risk; if you later install as an OpenClaw plugin, the plugin install path (not provided here) should be reviewed.
Credentials
note: The skill declares no required env vars or credentials. The code reads environment/system info (process.cwd(), process.env.HOME) to strip path prefixes, which is proportionate to the stated purpose but does mean the code accesses your working directory and home path at runtime. Also note: truncation runs on whatever exec output it is given, and that output may contain sensitive data (tokens, file contents) if commands produce them.
Persistence & Privilege
ok: Skill metadata does not request always:true and is user-invocable only. The provided code is a library-style utility that does not modify other skills or system-wide settings. If installed as a plugin into OpenClaw, it may be wired to a tool_result_persist hook (per README) and thus will see all exec outputs that the platform routes to that hook — this is expected for the stated purpose but increases the visibility of command outputs.