Clients
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: clients Version: 1.0.0 The skill defines a local client management system, primarily involving the creation, reading, and writing of markdown files within a dedicated `~/clients/` directory. All instructions in `SKILL.md` are aligned with this stated purpose, detailing file structures and content formats. There is no evidence of malicious intent, such as data exfiltration, unauthorized command execution, persistence mechanisms, or attempts at prompt injection to subvert the agent's core function. The file system access is a necessary and scoped capability for the skill's operation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may help create folders, update files, or move client documents such as contracts and invoices into the client workspace.
The skill instructs the agent to create a local workspace and organize documents, which is expected for a client-management skill but can change where important files are stored.
Create `~/clients/` as workspace ... Move documents into structure
Confirm before allowing the agent to create, edit, or move files, especially contracts, invoices, proposals, and other business records.
Future agent responses may draw from stored client notes, communications, invoices, and preferences, which could expose sensitive client information if used in the wrong context.
The skill is designed to persist and later reuse client history, contact details, preferences, payment patterns, and important dates. This is purpose-aligned, but it creates a local knowledge base containing sensitive business context.
User needs context → surface relevant history ... What To Track - All contacts with roles - Communication preferences - Project history with outcomes - Payment patterns - Important dates
Store only information you are comfortable keeping in ~/clients, avoid unnecessary sensitive details, and review stored notes before sharing or reusing them.