Clawdbot Documentation Expert

OpenClaw Agent Skill The skill is classified as suspicious due to potential vulnerabilities rather than clear malicious intent. Specifically, `scripts/build-index.sh` and `scripts/search.sh` directly interpolate user-provided input into shell commands (`qmd query "$query"` and `grep -i "$query"`), which could lead to shell injection if the input is not properly sanitized by the agent or if the underlying commands have vulnerabilities. Additionally, `SKILL.md` instructs the agent to use `pi_browser` with a `targetUrl` constructed from user input in `scripts/fetch-doc.sh`, posing a potential browser-based attack vector (e.g., XSS) if a malicious user crafts the URL and the agent's browser tool lacks robust sanitization. All network activity is confined to `docs.clawd.bot`, and file system operations are limited to `~/.cache/clawddocs`, with no evidence of intentional data exfiltration or persistence.