ClawHub
Back to skill
v1.0.1

Multi-Angle-Thinking

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:35 AM.

Analysis

This is a disclosed deep-analysis skill that uses web search and optional prompt-reminder hooks, with no artifact evidence of credential theft, exfiltration, or destructive behavior.

GuidanceThis skill appears safe for its stated purpose. Before installing, understand that deep-analysis requests may use web search, and only enable the optional OpenClaw hook if you want automatic prompt-based reminders.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
استخدم web_search للاستعلامات المتعددة
- استخدم web_fetch للمصادر الأولية المهمة
- 3 إلى 6 عمليات بحث حسب تعقيد الموضوع

The skill directs the agent to use external web search/fetch tools as part of its analysis pipeline. This is purpose-aligned and bounded, but users should understand that their topic may be sent to web tools.

User impactDeep-analysis requests may cause the agent to browse the web and send search queries related to the user’s topic.
RecommendationAvoid invoking this skill on private or confidential topics unless you are comfortable with web-search queries being made, and keep the documented search limits.
Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
hooks/openclaw/handler.js
event: 'UserPromptSubmit',
handler: (context) => {
  const prompt = (context.prompt || '').toLowerCase();
...
  if (shouldActivate) {
    return { inject: REMINDER };
  }

The optional hook monitors submitted prompts for trigger phrases and injects additional instructions into the agent context. This is disclosed and aligned with the skill’s purpose, but it can steer responses when enabled.

User impactIf the hook is enabled, prompts containing broad trigger words such as “analyze” or “simulate” may cause the agent to enter the full deep-analysis workflow.
RecommendationEnable the hook only if you want automatic reminders, and disable it if it makes the agent over-apply the skill.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Code file presence: scripts/activator.sh ... hooks/openclaw/handler.js

The registry does not provide an upstream source or homepage, while the artifact includes optional executable/hook code. The code is small and disclosed, so this is a provenance note rather than a security concern.

User impactUsers are relying on the registry artifact itself rather than a verifiable upstream repository for the optional hook code.
RecommendationReview the included hook and shell script before enabling them, and avoid cloning placeholder or unverified repositories.