Skill v1.0.0

ClawScan security

Paperclip · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 11:22 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is an instruction-only Paperclip orchestration guide that asks for local config directories and common CLIs (pnpm, curl) and references provider credentials only as optional adapter-specific inputs.
Guidance
This skill is a local-first operator guide for running Paperclip and integrating OpenClaw/other adapters. Before installing or using it: (1) ensure you have Node 20+ and pnpm if you intend to run the Paperclip CLI; (2) only provide API keys (PAPERCLIP_API_KEY, OPENAI/ANTHROPIC keys, OpenClaw gateway token) when you intentionally enable the corresponding adapter — they are optional and adapter-specific; (3) confirm you trust any remote Paperclip or OpenClaw deployment you configure, because operational data (company/issue/run metadata) will be sent to the configured Paperclip API or gateway; and (4) avoid placing secrets in the ~/paperclip/ memory files as the skill itself instructs. If you want tighter assurance, request that the skill author provide a signed upstream source (e.g., a GitHub repo release) or a minimal install script you can review before running.
Findings
[no-findings] expected: The regex scanner had no code files to analyze (instruction-only skill). This is expected given there are no bundled scripts or install steps.

Review Dimensions

Purpose & Capability
ok
Name/description (Paperclip control plane, agent orchestration, OpenClaw integration) align with the requested binaries (pnpm, curl), config paths (~/paperclip/, ~/.paperclip/instances/), and optional provider credentials. All required items are proportional to running and operating a local Paperclip instance.
Instruction Scope
ok
SKILL.md instructs the agent to read and write only within the declared Paperclip memory/config paths and to interact with Paperclip/OpenClaw endpoints. It does not instruct reading unrelated system files or exfiltrating arbitrary data. It explicitly warns not to store secrets in memory files.
Install Mechanism
ok
No install spec or remote downloads are present; this is instruction-only. Required tools are standard (pnpm, curl). No archive downloads, custom install scripts, or unexpected installers are referenced.
Credentials
ok
No required environment variables are declared; several relevant provider tokens are listed as optional in the metadata (PAPERCLIP_API_URL, PAPERCLIP_API_KEY, OPENAI_API_KEY, ANTHROPIC_API_KEY, OPENCLAW_GATEWAY_TOKEN, etc.). These are appropriate for the adapters and API calls described and are only optional. The only config paths requested are Paperclip-related directories in the user's home, which matches the skill's purpose.
Persistence & Privilege
ok
Skill is not always-on; it is user-invocable and allows normal autonomous invocation. It does not request elevated platform privileges or modify other skills' config. Its persistence (memory in ~/paperclip/) is consistent with its function.