Review
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: solo-review
Version: 1.1.1

The skill is classified as suspicious due to its extensive use of the `Bash` tool for executing various commands, including `grep` for potentially sensitive patterns like `sk_live`, `sk_test`, and `password` in source files. While the stated purpose is a security audit, this capability (found in SKILL.md) inherently carries a risk of information disclosure if the agent's output or environment is compromised. Additionally, the skill initiates network calls to external services (e.g., Vercel, Cloudflare, Fly.io logs) and modifies the git repository, which, while aligned with its review function, expands the attack surface. There is no clear evidence of intentional malicious behavior like unauthorized data exfiltration to third-party domains or persistence mechanisms, but the high-risk capabilities warrant a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this on an untrusted repository could run code from that repository on the user's machine.
The skill directs the agent to run local project commands. This is expected for a final review skill, but those commands may execute project-controlled scripts.
Run the full test suite ... make test ... npm test -- --coverage ... uv run pytest ... swift test
Run the skill only on trusted projects or inside a sandbox/container when reviewing unfamiliar code.

The review may change acceptance-criteria checkboxes in the repository, which could affect later pipeline status or human interpretation of completion.
The skill is allowed to mutate project documentation during review. The action is scoped and disclosed, but it is more than a read-only quality report.
Update spec.md checkboxes. After verifying each criterion, use Edit tool to change `- [ ]` to `- [x]` in spec.md.
Review any spec.md edits before committing them, and ensure checkbox updates are backed by real implementation and test evidence.

Past-session or cross-project context could influence the review or expose information from other projects if the connected MCP tools provide it.
The skill can use retrieved session/project context from MCP tools. This is purpose-aligned for review assistance, but retrieved context can include stale, sensitive, or misleading information.
`session_search(query)` — find past review patterns and common issues; `project_code_search(query, project)` — find similar code patterns across projects
Use only trusted MCP backends and verify findings against the current project files before acting on them.
