Skill v1.0.0
ClawScan security
How To Do · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 10:03 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only onboarding/guide skill whose files and script match its stated purpose and request no elevated credentials or suspicious installs.
- Guidance: This skill appears coherent and safe: it provides documentation and a benign interactive assessment script that saves a local markdown report. Before installing, verify the publisher/owner (the manifest ownerId values disagree) and review the quick-assessment.sh file if you want to confirm it fits your security posture. Also be aware the skill recommends installing other skills (e.g., self-improving-agent, github, slack) — check each recommended skill's permissions and credentials before installing them. If you need higher assurance, ask the publisher for a canonical homepage or repository and confirm the owner identity.
Review Dimensions
- Purpose & Capability: ok. Name/description (OpenClaw usage guide) align with the contents: SKILL.md provides onboarding, workflows, and recommendations; included quick-assessment.sh is a benign interactive questionnaire to generate a local report. No unrelated credentials, binaries, or cloud access are requested. One minor inconsistency: registry metadata ownerId in the header (kn77...) differs from _meta.json.ownerId (ou_1cda...), which is a metadata mismatch but not an operational risk.
- Instruction Scope: ok. Runtime instructions are limited to guidance (how to use skills, what to install) and troubleshooting steps. The SKILL.md suggests checking ~/.openclaw/logs and using CLI tools (openclaw, clawhub) — these are reasonable for an OpenClaw guide. The included script only collects user answers and writes a local markdown report; it does not exfiltrate data or call external endpoints.
- Install Mechanism: ok. No install spec is present (instruction-only). The only executable is a simple local shell script; package.json points to that script as main. Nothing is downloaded from external URLs and no archive extraction occurs.
- Credentials: ok. The skill declares no required environment variables, no credentials, and no config paths beyond suggesting users check their OpenClaw logs. Recommendations to install other skills are expected for a guide and do not themselves request secrets. Users should still be cautious before installing recommended skills (some may require service credentials).
- Persistence & Privilege: ok. always is false and model invocation is not disabled (normal). The skill does not request permanent presence or modify other skills' configs. Its only filesystem effect is writing a local assessment file (openclaw-assessment-<timestamp>.md) in the working directory.
