Skill v1.1.2

ClawScan security

NextCloud AIO OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 5:51 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill's code, runtime instructions, and environment requirements are consistent with a Nextcloud integration and do not request unrelated credentials or elevated persistent privileges.
Guidance
This bundle appears coherent for Nextcloud integration, but you should still review it before running. Recommended actions:
(1) Inspect the bundled scripts (nextcloud.js and scripts/files_binary.py) in a sandbox or on non-production data.
(2) Use a dedicated low-privilege Nextcloud app password (NEXTCLOUD_TOKEN) and restrict the account to only the needed scopes.
(3) Verify that NEXTCLOUD_URL is correct and that no unexpected network endpoints are present.
(4) Run the preflight grep checks mentioned in SKILL.md (search for hardcoded URLs, child_process, fs usage, or other secret strings).
(5) If you lack the ability to review the code, test in an isolated environment first and rotate the app password after use.

Review Dimensions

Purpose & Capability
ok: The skill claims Nextcloud integration (Notes, Tasks, Calendar, Files, Contacts) and requires NEXTCLOUD_URL, NEXTCLOUD_USER, NEXTCLOUD_TOKEN, and Node.js 20+. Those requirements are proportional and expected for the stated purpose. The included Python helper handles binary file uploads/downloads (expected for file transfers).
Instruction Scope
ok: SKILL.md instructs running the bundled node script and an optional Python helper; it explicitly limits network targets to the host in NEXTCLOUD_URL and recommends preflight checks. The instructions do not direct the agent to read unrelated system files or exfiltrate data to other endpoints. The skill also encourages manual code review before first use.
Install Mechanism
ok: There is no automated install spec — the bundle includes source files (a Node.js bundle and a small Python script) and expects Node 20+ at runtime. No external download/install URLs or extract operations are present in the bundle metadata, reducing installer risk.
Credentials
ok: The only secrets required are NEXTCLOUD_URL, NEXTCLOUD_USER, and NEXTCLOUD_TOKEN (primaryEnv). These are directly relevant to accessing a Nextcloud instance; no unrelated credentials or broad system secrets are requested.
Persistence & Privilege
ok: The skill is not marked 'always: true' and does not request persistent system-level privileges. It can be invoked autonomously (platform default), which is expected for a plugin of this type and is not combined with other red flags.