Skill v1.0.0

ClawScan security

Openclaw Guru - Documentation and Support expert · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 21, 2026, 5:09 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, requirements, and behavior are internally consistent with an OpenClaw troubleshooting helper — it reads OpenClaw logs/config and fetches official docs, so it's coherent but will access local files that may contain secrets.
Guidance
This skill appears to do what it says: a troubleshooting script for OpenClaw. Because it instructs reading local OpenClaw config and logs, those files may contain API keys or other secrets. Before installing or allowing autonomous use: 1) confirm you trust the skill source (unknown here), 2) prefer running suggested commands yourself or in a sandbox/container rather than granting blanket autonomous access, 3) avoid pasting sensitive tokens into the agent, and 4) back up configs before edits (the SKILL.md already advises backups). If you want stronger safety, run the diagnostic commands manually and share only the sanitized output the helper needs.

Review Dimensions

Purpose & Capability
ok: Name/description describe OpenClaw troubleshooting and the SKILL.md exclusively instructs how to diagnose and fix OpenClaw (doctor, gateway status, logs, config lookup, docs, GitHub issues). The requested operations align with that purpose.
Instruction Scope
note: Instructions tell the agent to run diagnostic commands and read files under ~/.openclaw and global npm install locations and to fetch docs/GitHub pages. These are appropriate for troubleshooting, but they do grant the agent access to local config and logs (which can contain API keys/secrets). The SKILL.md warns not to rely on memory and to verify against live sources, but it does not explicitly limit exfiltration of any sensitive values found.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded by the skill itself, which is the lowest-risk install profile.
Credentials
note: The skill requests no environment variables or credentials, which is proportional. However, runtime instructions access user files (e.g., ~/.openclaw/openclaw.json, ~/.openclaw/logs, global npm dist paths). Accessing those files is coherent for the purpose but could expose secrets; the skill does not require unrelated credentials or environment variables.
Persistence & Privilege
ok: "always" is false, there is no install or persistent agent modification, and the skill does not request elevated or persistent privileges. The agent may run the prescribed commands when invoked, which is expected.