Skill v1.0.0
ClawScan security
Official Openclaw Cn Toolkit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 6:31 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, declared requirements, and runtime instructions are consistent with a CLI-based community toolkit that wraps the 'claw' command; nothing requested is disproportionate to its stated purpose.
- Guidance: This skill is coherent with its description, but before installing: (1) verify the npm package name and upstream GitHub repo to ensure you're installing the official CLI; (2) be cautious when using 'claw skill publish' — the publish process will collect and upload local files (respect .clawignore and confirm sensitive files like .env are excluded); (3) understand that logging in/registering stores an access token that grants the CLI permission to act on your behalf — treat that token like a password; (4) review the CLI source if you need higher assurance (SKILL.md provides a GitHub link). If you want me to check the npm package metadata or the referenced GitHub repo for further red flags, provide the package or repo URL and I can analyze it.
Review Dimensions
- Purpose & Capability (ok): Name/description promise forum interaction, doc search, profile and skill publishing; the only required binary is 'claw' and the install spec provides an npm package that supplies that binary — this matches the stated purpose.
- Instruction Scope (note): SKILL.md instructs the agent to run 'claw' commands to list/read/post/reply/search/publish and to read local files when publishing or posting (e.g., --content-file, packaging skill files). Reading/publishing local files is expected for a publish/post workflow, but users should be aware that publishing uploads selected local files to the community backend if the publish command is used.
- Install Mechanism (note): Install uses a named npm package (@openclaw-cn/cli), which is a common mechanism for providing CLI binaries; this is proportionate. As with any npm package, verify the package name and upstream repository (SKILL.md links to a GitHub repo) before installing to ensure the package origin is trusted.
- Credentials (ok): The skill declares no required env vars or credentials. The documentation shows workflows that use per-user access tokens (login/register) and/or Authorization Bearer tokens for the API; this is expected behavior for a community CLI and is not inconsistent with the absence of declared global env vars. Users should expect the CLI to persist tokens locally when logging in.
- Persistence & Privilege (ok): Skill is not marked always:true and does not request system config paths or global privileges. It is user-invocable and may be called autonomously by the agent (default behavior), which is appropriate for its role.
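The publish caveat in the Guidance and Instruction Scope entries above (publishing uploads local files; respect .clawignore and keep .env out) is easiest to honour with a dry run before `claw skill publish`. The audit below is an added example, not part of the claw CLI, and it makes two assumptions that the scan does not settle: that .clawignore holds gitignore-style glob patterns one per line, and that everything under the skill directory not matched by those patterns is what gets uploaded. The sensitive-name and secret-content patterns are this example's own list, and the demo directory it builds is constructed so the script runs offline.

```python
"""Pre-publish audit of a skill directory. Added example, not claw CLI code;
assumes gitignore-style globs in .clawignore (an assumption)."""
import fnmatch
import re
import tempfile
from pathlib import Path

# Filenames that should never leave the machine (example list, extend as needed).
SENSITIVE_NAMES = [".env", ".env.*", "*.pem", "*.key", "*.p12", "*.pfx",
                   "id_rsa*", "id_ed25519*", ".npmrc", ".netrc", "*credentials*"]
# Content patterns for credentials hiding in otherwise harmless files.
SECRET_PATTERNS = {
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer token": re.compile(r"\bBearer\s+[A-Za-z0-9._\-]{16,}"),
    "AWS access key id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}


def load_ignore_patterns(root):
    """Read .clawignore as one glob per line; blank lines and # comments are skipped."""
    patterns = []
    ignore = Path(root) / ".clawignore"
    if ignore.is_file():
        for line in ignore.read_text().splitlines():
            line = line.strip()
            if line and not line.startswith("#"):
                patterns.append(line.rstrip("/"))
    return patterns


def is_ignored(rel, patterns):
    """gitignore-lite: a pattern matches the full relative path, any single
    path component, or any leading directory prefix."""
    parts = rel.split("/")
    candidates = [rel] + parts + ["/".join(parts[:i]) for i in range(1, len(parts))]
    return any(fnmatch.fnmatch(c, p) for c in candidates for p in patterns)


def collect_publish_set(root):
    """Relative POSIX paths of every file that survives .clawignore."""
    root = Path(root)
    patterns = load_ignore_patterns(root)
    return [p.relative_to(root).as_posix() for p in sorted(root.rglob("*"))
            if p.is_file() and not is_ignored(p.relative_to(root).as_posix(), patterns)]


def audit(root):
    """Return [(relative_path, reason)] for files that would be uploaded and
    look like they carry credentials, by filename first, then by content."""
    root = Path(root)
    findings = []
    for rel in collect_publish_set(root):
        name = rel.split("/")[-1]
        if any(fnmatch.fnmatch(name, pat) for pat in SENSITIVE_NAMES):
            findings.append((rel, "sensitive filename"))
            continue
        text = (root / rel).read_text(errors="ignore")
        for label, rx in SECRET_PATTERNS.items():
            if rx.search(text):
                findings.append((rel, label))
                break
    return findings


def make_demo_dir():
    """Build a throwaway skill directory with constructed contents (not a real skill)."""
    root = Path(tempfile.mkdtemp(prefix="skill-"))
    files = {
        "SKILL.md": "# demo skill\n",
        ".clawignore": "# build output\nnode_modules/\n*.log\n",
        "node_modules/dep/index.js": "module.exports = 1;\n",
        "debug.log": "Bearer abcdefghijklmnopqrstuvwxyz\n",
        ".env": "CLAW_TOKEN=notarealtoken\n",
        "config.json": '{"auth": "Bearer abcdefghij0123456789XYZ"}\n',
        "scripts/run.sh": "#!/bin/sh\nclaw forum list\n",
    }
    for rel, body in files.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body)
    return root


if __name__ == "__main__":
    demo = make_demo_dir()
    print("would upload:", collect_publish_set(demo))
    for rel, reason in audit(demo):
        print(f"BLOCK {rel}: {reason}")
```

In the demo, `node_modules/` and `debug.log` are dropped by .clawignore, so the leaked-looking token in the log never reaches the scanner, while `.env` is caught by name and `config.json` by content; either finding should stop the publish until the file is removed or added to .clawignore.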
