Skill v1.1.0

ClawScan security

Self-Improving Robotics · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 12:27 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, scripts, and instructions align with its stated purpose of capturing robotics learnings and injecting reminders into OpenClaw sessions; there are no unexplained credential requests, network downloads, or surprising persistence privileges.
Guidance
This skill appears coherent and focused on capturing robotics learnings, but review the following points before installing:
1) Hooks are opt-in and run with your agent's permissions. Enable them only if you want reminders injected on bootstrap or PostToolUse.
2) Inspect the scripts (activator.sh, error-detector.sh, extract-skill.sh) before enabling them to confirm you accept their behavior. error-detector.sh reads the CLAUDE_TOOL_OUTPUT env var, which can contain sensitive command output; it does not transmit that data externally.
3) The manual install suggestion clones a GitHub repo. Verify the repo origin and author before cloning.
4) Ensure .learnings/ files will not inadvertently store secrets, telemetry containing credentials, or infrastructure endpoints; follow the SKILL.md guidance to redact sensitive excerpts.
5) If you want less noise, enable only the UserPromptSubmit activator and skip the PostToolUse detector.
Overall, the skill is internally consistent with its stated purpose.
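Point 2 asks you to read the three scripts before enabling them. The following is an added example written for this page, not a ClawHub or skill script: a small pre-install audit that reads a hook script and flags the primitives the Install Mechanism review says are absent from this bundle (network clients, package installs, archive extraction), plus any reference to ~/.openclaw, which is worth a second look because that is where hooks and other skills' settings live. The pattern lists, category names and the constructed sample scripts in the usage notes are assumptions.

```shell
#!/bin/sh
# Added example (not part of the skill or of ClawHub): audit a hook script for
# behaviour a self-contained, local-only skill should not need. Pattern lists are
# assumptions; extend them for your own environment.

# Word-bounded alternations, written with [[:alnum:]] classes so they stay POSIX ERE.
NET='(^|[^[:alnum:]_])(curl|wget|nc|ncat|socat|ssh|scp|rsync|telnet)([^[:alnum:]_]|$)|/dev/tcp/'
PKG='(^|[^[:alnum:]_])(apt|apt-get|yum|dnf|brew|pip[0-9.]*|npm|cargo|gem) +(install|i|add)([^[:alnum:]_]|$)'
ARC='(^|[^[:alnum:]_])(tar|unzip|gunzip|bsdtar|7z|unrar)([^[:alnum:]_]|$)'
DIR='(~|\$HOME|\$\{HOME\})/\.openclaw/'

# audit_script FILE: prints "category:LINE: text" for every flagged line.
# Returns 0 if nothing was flagged (script looks self-contained), 1 otherwise.
audit_script() {
    f="$1"
    found=0
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        # Strip leading whitespace, then skip blank lines and comments.
        t=${line#"${line%%[![:space:]]*}"}
        case "$t" in ''|\#*) continue;; esac
        if printf '%s' "$t" | grep -Eq "$NET"; then
            printf 'network:%d: %s\n' "$n" "$t"; found=1
        fi
        if printf '%s' "$t" | grep -Eq "$PKG"; then
            printf 'package-install:%d: %s\n' "$n" "$t"; found=1
        fi
        if printf '%s' "$t" | grep -Eq "$ARC"; then
            printf 'archive-extract:%d: %s\n' "$n" "$t"; found=1
        fi
        if printf '%s' "$t" | grep -Eq "$DIR"; then
            printf 'openclaw-dir:%d: %s\n' "$n" "$t"; found=1
        fi
    done < "$f"
    return "$found"
}

# Usage: audit_script scripts/error-detector.sh && echo "no findings"
```

Run it over each of activator.sh, error-detector.sh and extract-skill.sh before copying hooks into place. A finding is not a verdict: `cp hook.json ~/.openclaw/hooks/` is exactly what the manual install asks you to do, and a `curl` in a script may be legitimate. The point is that every flagged line gets read by a human before the hook runs with your agent's permissions.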

Review Dimensions

Purpose & Capability
ok · The name/description (capture robotics incidents and promote learnings) matches the files and behavior: markdown templates, logging conventions, a scaffold script to create skills, and hooks/scripts to remind and detect robotics errors. Required env vars and binaries are none, which is proportional for this documentation-and-hook focused skill.
Instruction Scope
note · Runtime instructions and hooks create/ensure .learnings/ files, inject a reminder into agent bootstrap, and run a CLI helper and an output-pattern detector. These actions are within the stated scope. Notable: scripts/error-detector.sh reads the CLAUDE_TOOL_OUTPUT environment variable (platform-provided command output) to detect error terms; the script does not echo that output verbatim but will emit a reminder if patterns match. The SKILL.md does explicitly warn not to log secrets.
Install Mechanism
ok · This is instruction-only with no install spec. The repository suggests an optional manual git clone from a GitHub URL and enabling hooks; there are no automatic downloads, package installs, or archive extraction in the bundle. The included scripts and hook code are local and self-contained.
Credentials
note · The skill declares no required environment variables or credentials. The only environment interaction is that error-detector.sh reads CLAUDE_TOOL_OUTPUT (expected for a PostToolUse hook). That access is reasonable for detecting robotics error terms, but users should be aware CLAUDE_TOOL_OUTPUT may contain sensitive command output, and the README already flags it as sensitive.
Persistence & Privilege
ok · The skill is not always-enabled and does not request elevated platform privileges. Hooks are opt-in: the user must copy/enable hooks under ~/.openclaw/hooks or add CLI hook entries in settings. The hook injects a virtual reminder file during bootstrap but does not modify other skills' configs or persist credentials.
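The Instruction Scope and Credentials findings rest on one property of error-detector.sh: it reads CLAUDE_TOOL_OUTPUT, matches error terms, and emits a fixed reminder without echoing the output it matched. Guidance point 4 adds that any excerpt written to .learnings/ must be redacted. The shell below is an added illustration of those two behaviours, written for this page and not taken from the skill's scripts; the error-term list, the reminder text and the redaction patterns are assumptions.

```shell
#!/bin/sh
# Added illustration (not the skill's error-detector.sh): a PostToolUse-style
# detector that reads CLAUDE_TOOL_OUTPUT and emits only a fixed reminder, never
# the matched output, plus a redaction step for excerpts destined for .learnings/.
# Pattern lists and reminder wording are assumptions for this example.

ERROR_PATTERNS='timeout|joint limit|collision|E-STOP|watchdog'

# detect_errors: returns 0 and prints a reminder if $CLAUDE_TOOL_OUTPUT contains
# an error term, returns 1 otherwise. The output itself is never printed or logged.
detect_errors() {
    # Keep the sensitive value local to this function; never write it anywhere.
    out="${CLAUDE_TOOL_OUTPUT:-}"
    if printf '%s' "$out" | grep -Eiq "$ERROR_PATTERNS"; then
        printf 'Reminder: a robotics error term appeared in the last tool output. Record the learning in .learnings/ (redact secrets and endpoints first).\n'
        return 0
    fi
    return 1
}

# redact_excerpt TEXT: masks the kinds of values SKILL.md says must not land in
# .learnings/: bearer tokens, key=value secrets, and host:port endpoints.
# Heuristic patterns; treat them as a floor, not a guarantee.
redact_excerpt() {
    printf '%s' "$1" | sed -E \
        -e 's/(Bearer )[A-Za-z0-9._-]+/\1[REDACTED]/g' \
        -e 's/((api_key|apikey|token|password|secret)[=:] ?)[^ ]+/\1[REDACTED]/g' \
        -e 's/([A-Za-z0-9.-]+\.[A-Za-z]{2,}|[0-9]{1,3}(\.[0-9]{1,3}){3}):[0-9]{2,5}/[ENDPOINT]/g'
}

# Typical wiring in a PostToolUse hook (assumed layout, not the skill's):
#   if detect_errors; then
#       redact_excerpt "$CLAUDE_TOOL_OUTPUT" | head -c 512 >> .learnings/pending.md
#   fi
```

The property to check when you read the real error-detector.sh is the same one the scanner noted: the raw CLAUDE_TOOL_OUTPUT value should flow only into the pattern match, and anything that does get written to disk should pass through a redaction step first. If the script writes the raw variable to a file or pipes it to anything other than a local matcher, the "does not transmit" finding no longer holds for your copy.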