Skill v2.0.1
ClawScan security
Antigravity Bridge · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 11:17 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, install steps, and runtime instructions are consistent with its stated purpose of one‑way syncing of .md files from local Antigravity/Gemini project paths into the OpenClaw workspace.
- Guidance: This skill appears to do exactly what it claims: rsync and yq are used to copy only *.md files from the configured project and knowledge paths into an OpenClaw workspace subfolder. Before installing or running it: 1) run the provided --dry-run to preview what gets copied; 2) inspect the repos/knowledge directories for unexpected symlinks or maliciously named files (a symlink named something.md that points outside the repo could lead to unintended content appearing in your workspace); 3) confirm the destination path and the memorySearch.extraPaths configuration so that indexing only covers the intended files; and 4) prefer running the sync as a user with limited filesystem access, or run it manually rather than on a schedule until you’re confident in the configured sources.
Review Dimensions
- Purpose & Capability (ok): Name/description promise (one‑way sync of .md files into OpenClaw) matches the files present and the behavior implemented in sync.sh. Required binaries (rsync, yq) and the brew install for yq are appropriate for YAML parsing and file sync.
- Instruction Scope (ok): SKILL.md and setup.md instructions limit operations to reading repository paths and copying only .md files into a destination subfolder of the OpenClaw workspace; the script supports dry‑run and verbose modes and documents configuration and cron usage. There is no instruction to read or send secrets or to write outside the OpenClaw workspace.
- Install Mechanism (ok): Install spec uses Homebrew to install yq and expects system rsync; no remote downloads or arbitrary code fetches are present. The script itself is included in the package (no external installer required).
- Credentials (note): No credentials or secrets are requested. The script respects OPENCLAW_WORKSPACE if set (defaults to ~/.openclaw/workspace), but that environment variable is not documented as a required env var in metadata, a minor mismatch. Verify the workspace path before running.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills or global agent settings, and writes only into the configured OpenClaw workspace destination. Cron setup is optional and user‑initiated.
