Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawUsage Windows Hardlock

v0.2.1

Run local clawusage monitoring commands from chat (Telegram/Feishu). Use when user types `/clawusage ...` or asks to check Codex usage, enable/disable auto i...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description match the included PowerShell scripts: it inspects local OpenClaw session and usage data to report quotas and set idle alerts. Reading .openclaw workspace files and materializing/running local PS1 scripts is coherent with its stated monitoring purpose. However, extracting an auth token from OpenClaw's auth-profiles.json to query remote usage is a higher-privilege action than a simple local monitor and is not explicitly documented in the SKILL.md.
Instruction Scope
The runtime scripts (openclaw-usage-monitor.ps1 and clawusage-auto-worker.ps1) parse local session logs and auth-profiles.json to compute token/usage data, and they perform an outbound HTTPS call to https://chatgpt.com/backend-api/wham/usage using a bearer token taken from the local auth file. The SKILL.md does not explicitly state that local credentials will be read or that external network calls will be made with those tokens. That combination (reading local creds + remote call) is sensitive and worth scrutiny.
Install Mechanism
Instruction-only skill with bundled .txt PowerShell scripts; no downloads or third-party install steps. It will copy packaged text files into a runtime folder under %USERPROFILE% and execute them. No external install URLs or extracted archives are used.
Credentials
The skill declares no required env vars or credentials, yet the scripts access user files (e.g., %USERPROFILE%\.openclaw\agents\main\agent\auth-profiles.json and session logs) and optionally include local tokens in output. Using a locally stored auth token to call an external API is not reflected in the metadata and is disproportionate for a 'view usage' description unless the user expects the tool to use that token.
Persistence & Privilege
The scripts can create a persistent runtime directory under %USERPROFILE% (\.clawusage\skill-runtime) and can register a Windows Scheduled Task (ClawUsageAuto) to run the background worker at intervals. This is consistent with 'auto idle alerts' functionality but is a persistent change that will run periodically in the user's account.
What to consider before installing
This skill will copy bundled PowerShell files into your user profile, read OpenClaw session logs and the local auth-profiles.json, and make an outbound request to https://chatgpt.com/backend-api/wham/usage using the token it finds. That can expose or transmit your local credentials to a remote endpoint. If you want to install it, first: (1) inspect the three included scripts locally (they're in the skill package) to confirm behavior and the exact endpoints called; (2) do not enable the 'auto' scheduled task unless you trust the code and endpoint; (3) consider running it in a restricted/test account or offline to verify what data it prints; and (4) ask the publisher to explicitly state why a bearer token is needed and which remote host will receive it. If you are uncomfortable with local token access or unknown network calls, do not install or run the skill.

Like a lobster shell, security has layers — review code before you run it.
