Skill v1.0.0

ClawScan security

Key Swap · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 2, 2026, 6:31 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill does what it says — it updates the local OpenClaw Anthropic auth profiles with a new Claude Max token and restarts the gateway — and its requirements and actions are proportional to that purpose.
Guidance
This skill appears to be what it claims: it asks the user for a new sk-ant- token, updates your OpenClaw Anthropic profiles file, and restarts the gateway. Before running it, ensure: 1) you trust the token you will provide, 2) you have a backup of $HOME/.openclaw/agents/main/agent/auth-profiles.json (the script overwrites it), 3) jq is installed and the OpenClaw CLI/LaunchAgent exist on your system (the SKILL.md assumes a macOS/Homebrew path and uses launchctl), and 4) you are comfortable that usageStats and failureCounts for those profiles will be reset (the script clears historic failure data). If your OpenClaw installation path differs, run the bundled script from its actual location or copy it into place rather than blindly running the exact /opt/homebrew/... command.

Review Dimensions

Purpose & Capability
ok
Name and description match the actual behavior: the script updates the Anthropic profile tokens in the OpenClaw auth file. No unrelated credentials or services are requested. The skill assumes OpenClaw stores profiles at $HOME/.openclaw/agents/main/agent/auth-profiles.json and will update two profiles; this is coherent with 'rotate key' functionality. Note: the SKILL.md references an absolute install path (/opt/homebrew/...) which assumes a specific installation layout (macOS/Homebrew/npm global), but that is an implementation detail rather than a mismatch of purpose.
Instruction Scope
note
Instructions are narrowly scoped: ask user for a token (must start with sk-ant-), run the included script, and report results. The script reads and overwrites the local auth-profiles.json, resets usageStats for the specified profiles, and restarts the OpenClaw gateway. This stays within the stated purpose, but the instructions do not mention prerequisites (jq, correct file path, permissions) or error-recovery (backup of auth file). Also the script resets usageStats and deletes failureCounts — this is functional but could remove historical failure data, which users may want to be aware of.
Install Mechanism
ok
No install spec is present (instruction-only plus bundled script), so nothing is downloaded or installed by the skill. The script is bundled in the package. The SKILL.md directs running the script from a fixed /opt/homebrew/... path; if the user's installation location differs the provided command may fail. No external downloads or obscure URLs are used.
Credentials
ok
The skill requests no environment variables and no external credentials. It does modify the local OpenClaw auth file (which contains API tokens) — that is exactly what key rotation requires. There is no attempt to transmit tokens externally. Users should note the script runs as the invoking user and will overwrite the auth-profiles.json in that user's home directory.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated platform privileges. It modifies OpenClaw's own auth file and restarts the OpenClaw gateway (via launchctl), which is appropriate for rotating an active key. The script does not alter other skills' configs or system-wide settings beyond restarting the gateway for the current user. Note: restart uses macOS-specific launchctl invocation and may fail or be inappropriate on non-macOS systems.