Skill v1.0.1
ClawScan security
Dream Cycle · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 2:21 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and instructions are coherent with its stated purpose (nightly audit and morning brief of the OpenClaw workspace); it reads local workspace files but does not request credentials or contact external endpoints.
- Guidance: This skill appears to do what it says: auditing workspace memory files and producing a morning brief. Before installing: (1) note the SKILL.md promises pruning/optimizations but the scripts are read-only — if you expect automatic cleanup, request/inspect code that implements safe pruning; (2) review and approve cron jobs before enabling them so the timing/behavior is explicit; (3) verify the workspace path (OPENCLAW_WORKSPACE or $HOME/.openclaw/workspace) is correct and that the scripts run with least privilege needed; (4) if you later add automatic modification, review carefully for unintended deletion or exfiltration. Overall the skill does not request secrets or network access and is internally consistent aside from the 'pruning' claim.
Review Dimensions
- Purpose & Capability (ok): Name/description match what the provided scripts do: audit workspace files and generate a morning brief from $HOME/.openclaw/workspace (or OPENCLAW_WORKSPACE). No unrelated binaries, credentials, or config paths are requested.
- Instruction Scope (note): SKILL.md describes nightly 'reviews, prunes bloat and optimizes files' but the included scripts are read-only (audit.sh and morning-brief.sh) and do not perform pruning or file modification. The runtime instructions and provided scripts are largely aligned, but the description overstates automatic modification behavior — if automatic pruning is intended, the scripts do not implement it.
- Install Mechanism (ok): No install spec (instruction-only plus two included shell scripts). This is low risk: nothing is downloaded or written during installation beyond the skill files themselves.
- Credentials (ok): The skill requires no credentials or environment variables. The scripts optionally use OPENCLAW_WORKSPACE and otherwise read files under $HOME/.openclaw/workspace — this is proportionate to a memory-audit/morning-briefing tool.
- Persistence & Privilege (ok): 'always' is false and the skill does not request elevated or system-wide privileges. It only reads workspace files and checks for a local 'openclaw' CLI; it does not modify other skills or system config.
