Skillcraft
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: skillcraft
Version: 1.0.0
The 'skillcraft' skill is designed to guide the AI agent in creating other OpenClaw skills. While its instructions are aligned with this stated purpose, it details how to leverage several high-risk capabilities. Specifically, SKILL.md instructs the agent on how to define `metadata.openclaw.install` for new skills, which includes options for downloading and executing remote binaries (e.g., `kind: download`, `url: https://...`). Additionally, the skill guides the agent to use powerful OpenClaw tools like `exec` (for running arbitrary commands) and `sessions_spawn` (for creating subagents) when building new skills. These capabilities, while presented as legitimate features for skill development, represent significant security risks if misused, leading to a 'suspicious' classification due to risky capabilities without clear malicious intent from the skill itself.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A generated skill could run local commands or background processes if the user approves that design.
The skill teaches generated CLI-wrapper skills how to run local commands. This is purpose-aligned for skill construction and includes safety guidance, but local command execution is still a capability users should review per generated skill.
Use `exec` tool. Always set timeouts (hung CLIs block the agent). For long-running commands, use background mode + `process` tool to poll.
Review generated command lists, timeouts, arguments, and affected paths before using or publishing any skill produced with this guide.
A generated monitor skill could keep checking conditions and sending notifications after setup.
The monitor pattern describes scheduled or heartbeat-based behavior for generated monitoring skills. It is disclosed and purpose-aligned, but scheduled agent activity should be intentionally scoped.
Use `cron` tool. See docs: `/automation/cron-jobs`.
### Heartbeat
Add check instructions to `<workspace>/HEARTBEAT.md` with a time threshold.
Only enable cron or heartbeat behavior with clear frequency, stopping conditions, notification destination, and state-cleanup guidance.
A generated skill may store state or memory that persists across sessions and affects future behavior.
The skill documents persistent memory and state locations for generated skills. This is expected for OpenClaw integration, but persistent context can influence later tasks if not bounded.
State locations:
- `<workspace>/memory/` — user-facing context
- `{baseDir}/state.json` — skill-internal state (travels with skill)
- `<workspace>/state/<skill>.json` — skill state in common workspace area
For any generated skill, document what is stored, where it is stored, retention expectations, and how the user can inspect or delete it.
Users have less external provenance information to verify who authored or maintains the skill.
The registry metadata does not provide an external source or homepage for provenance review. The impact is limited because this is an instruction-only skill with no install spec or code files.
Source: unknown
Homepage: none
Review the included instructions directly and rely on trusted registry ownership before installing or using it for important skill-building work.
