Skill v1.0.1

ClawScan security

code-to-requirement-analyser · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 17, 2026, 1:34 AM
Verdict
Review
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and CLI generally match the described purpose (analyzing front-end trade code and building a local knowledge graph), but there are inconsistencies and a few operational details you should verify before installing or running it.
Guidance
This skill appears to implement the advertised code-analysis and knowledge-graph features and stores results locally, but check the following before using it:
- Inspect and run in a sandbox: review the bundled Python files (especially the parser modules and the CLI) and, where possible, run the tool in an isolated environment (container or VM) before pointing it at sensitive repositories.
- Confirm storage locations: SKILL.md defaults to ~/.openclaw for cache and knowledge; if you do not want outputs stored in your home directory, set KNOWLEDGE_BASE_PATH and CACHE_DIR to a dedicated directory.
- Optional LLM usage: SKILL.md suggests installing openai and setting LLM_API_KEY for deeper analysis. Do not supply a production or otherwise sensitive API key unless you trust the code: providing an LLM API key enables outbound network calls, and analysis payloads (including source from the repositories you scan) could be transmitted to the external service.
- Be cautious with helper scripts: fix_setup.sh creates files and placeholder parser implementations; review its contents before executing it.
- Verify that imports execute safely: the CLI imports the parser modules at startup, so ensure those modules contain no unexpected top-level side effects.
For greater assurance, ask the skill author for provenance (the source repository) or run a full static review of all included files. The current assessment is 'suspicious' because of the metadata vs. SKILL.md inconsistencies and the optional network-capable behavior (LLM integration), not because of any obvious malicious code.

Review Dimensions

Purpose & Capability
ok · Name/description (reverse-engineer trade/business requirements from Vue/React/Angular) aligns with the included Python modules: parsers for multiple frameworks, a business analyzer, and a knowledge-graph builder. The CLI commands in SKILL.md correspond to code in scripts/cli.py.
Instruction Scope
note · SKILL.md instructs the agent/user to run the included CLI to parse local code files and persist results to local cache/knowledge directories (~/.openclaw/...). The README also mentions an optional LLM API key for deeper analysis; if supplied, that would cause network calls to an external LLM service. Otherwise the tool appears to operate only on files you point it at. Verify whether the included parsers execute any unexpected side effects during import (the CLI imports the parser modules at startup).
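The guidance above and this Instruction Scope note both ask you to confirm that the bundled parser modules do nothing unexpected when the CLI imports them. One way to check that without executing the modules is a static walk of each file's AST. The script below is an added example, not part of the ClawScan report or of the skill under review: it flags top-level statements that would run at import time, imports of modules that grant network, process or FFI access, and eval/exec/subprocess-style calls anywhere in the file. The module and call name lists and the benign-call allowlist are assumptions chosen for illustration, and the two sample modules at the bottom are constructed, not taken from the skill.

```python
"""Static check for import-time side effects in a skill's bundled Python modules.

Added example (not the skill's own code). Name lists below are assumptions.
"""
import ast
from pathlib import Path

# Imports that give a "local code parser" more reach than it should need.
RISKY_IMPORTS = {"socket", "subprocess", "urllib", "requests", "http",
                 "ctypes", "ftplib", "smtplib", "openai"}
# Calls worth a manual look wherever they appear, not only at top level.
RISKY_CALLS = {"eval", "exec", "compile", "os.system", "os.popen",
               "subprocess.run", "subprocess.call", "subprocess.Popen"}
# Calls that are routinely made at import time and are harmless on their own.
BENIGN_IMPORT_CALLS = {"re.compile", "logging.getLogger", "Path",
                       "dict", "set", "frozenset"}
DEFINITIONS = (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef,
               ast.Import, ast.ImportFrom)


def _dotted_name(func):
    """Rebuild 'os.environ.get' from a Call's func node; None if not a plain name."""
    parts = []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if not isinstance(func, ast.Name):
        return None
    parts.append(func.id)
    return ".".join(reversed(parts))


def _is_main_guard(stmt):
    """True for `if __name__ == "__main__":`, whose body does not run at import."""
    test = stmt.test
    return (isinstance(test, ast.Compare)
            and isinstance(test.left, ast.Name) and test.left.id == "__name__"
            and len(test.comparators) == 1
            and isinstance(test.comparators[0], ast.Constant)
            and test.comparators[0].value == "__main__")


def _unallowed_calls(node):
    """Calls inside node that are not on the benign allowlist."""
    return [n for n in ast.walk(node)
            if isinstance(n, ast.Call) and _dotted_name(n.func) not in BENIGN_IMPORT_CALLS]


def scan_source(src, filename="<module>"):
    """Return sorted (lineno, kind, detail) findings for one module's source."""
    tree = ast.parse(src, filename)
    findings = []
    # (1) statements executed when the module is imported
    for i, stmt in enumerate(tree.body):
        if isinstance(stmt, DEFINITIONS):
            continue
        if (i == 0 and isinstance(stmt, ast.Expr)
                and isinstance(stmt.value, ast.Constant)
                and isinstance(stmt.value.value, str)):
            continue  # module docstring
        if isinstance(stmt, ast.If) and _is_main_guard(stmt):
            continue
        if isinstance(stmt, (ast.Assign, ast.AnnAssign)) and not _unallowed_calls(stmt):
            continue  # constant or allowlisted assignment
        findings.append((stmt.lineno, "import-time statement",
                         ast.unparse(stmt).splitlines()[0]))
    # (2) risky imports and (3) risky calls anywhere in the file
    for node in ast.walk(tree):
        names = []
        if isinstance(node, ast.Import):
            names = [a.name for a in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        for name in names:
            if name.split(".")[0] in RISKY_IMPORTS:
                findings.append((node.lineno, "risky import", name))
        if isinstance(node, ast.Call) and _dotted_name(node.func) in RISKY_CALLS:
            findings.append((node.lineno, "risky call", _dotted_name(node.func)))
    return sorted(findings)


def scan_dir(root):
    """Scan every .py file under root; returns {relative path: findings}."""
    root = Path(root)
    return {str(p.relative_to(root)): scan_source(p.read_text(), str(p))
            for p in sorted(root.rglob("*.py"))}


# Constructed samples: a parser module that is quiet at import, and one that is not.
CLEAN_MODULE = '''"""Vue parser."""
import re
from pathlib import Path

TEMPLATE_RE = re.compile(r"<template>(.*?)</template>", re.S)

def parse(path):
    return TEMPLATE_RE.findall(Path(path).read_text())

if __name__ == "__main__":
    print(parse("App.vue"))
'''

SUSPICIOUS_MODULE = '''import os
import subprocess
import urllib.request

# Both of these run as soon as the CLI imports the module.
TOKEN = os.environ.get("LLM_API_KEY")
urllib.request.urlopen("http://example.invalid/ping")

def parse(path):
    return subprocess.run(["cat", path], capture_output=True).stdout
'''

if __name__ == "__main__":
    for label, src in (("clean", CLEAN_MODULE), ("suspicious", SUSPICIOUS_MODULE)):
        for lineno, kind, detail in scan_source(src, label):
            print(f"{label}:{lineno}: {kind}: {detail}")
```

Run `scan_dir("path/to/skill")` over the unpacked skill before installing it; an empty list for every parser module means nothing beyond definitions, constants and allowlisted calls happens at import, while any "import-time statement" or "risky import" finding points at the exact line to read by hand. This is a triage aid, not a proof of safety: code reached later through the CLI's commands, or hidden behind string manipulation and dynamic imports, still needs the manual review and sandboxed run the guidance asks for.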
Install Mechanism
note · No external install spec is provided (instruction-only install), and all source files are bundled with the skill; there are no downloads from remote URLs, which lowers remote-code risk. There is a helper script, fix_setup.sh, that will create files and placeholder parser implementations if run; review it before executing. SKILL.md suggests pip-installing optional packages (openai), which would pull third-party code if you choose to enable the LLM features.
Credentials
concern · Registry metadata declares no required env vars, but SKILL.md documents two required local-path settings (KNOWLEDGE_BASE_PATH, CACHE_DIR) and an optional LLM_API_KEY. This mismatch is sloppy and worth noting. The environment/credential demands are otherwise minimal and local (file storage paths); only the optional LLM_API_KEY would be a sensitive secret, and it is clearly optional. The skill writes to the user's home directory (~/.openclaw), which is proportionate to its purpose, but you should confirm or override the paths to point at an isolated directory.
Persistence & Privilege
ok · always:false, and no system/global configuration modifications were detected. The tool persists analysis artifacts and a local knowledge graph under the user's home directory; that persistence is expected for its purpose. It does not request elevated privileges.