Skill v2.0.0
ClawScan security
Agent Recruiter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 16, 2026, 9:25 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill generally does what its name says (creates and wires up OpenClaw agents), but it omits required runtime dependencies and will copy authentication files (potentially copying secrets) without warning—so the behavior is coherent but has risky/undocumented aspects you should review before installing.
- Guidance: This skill appears to implement an agent-creation workflow, but take these precautions before installing or running it:
  - Verify prerequisites: ensure node and the openclaw CLI are installed; the script calls `node -e` and `openclaw gateway restart` but the skill metadata lists no required binaries.
  - Back up before running: save a copy of ~/.openclaw/openclaw.json (and any other config) so you can restore if changes are unintended.
  - Inspect auth-profiles.json: the script may copy ~/.openclaw/agents/mike/agent/auth-profiles.json into the new agent; review that file for API keys or secrets and decide whether you want to duplicate those credentials.
  - Dry run / test with non-sensitive data: try creating a test agent id and verify the outcome before using real group IDs or production model/auth files.
  - Confirm restart impact: restarting the gateway affects all agents; schedule the operation to avoid disrupting live workflows.

  If you want this skill to be less risky, ask the maintainer to: (1) declare required binaries (node, openclaw), (2) add an explicit prompt/confirmation before copying auth files, and (3) provide a dry-run mode and safer handling of secrets.
Review Dimensions
- Purpose & Capability (note): The name/description match the included files and script: it creates agent directories, generates agent.json, updates openclaw.json and restarts the gateway. However, the package metadata claims no required binaries while the runtime script expects node and the openclaw CLI to be present; that mismatch should be fixed or disclosed.
- Instruction Scope (concern): SKILL.md and scripts instruct the agent to read and modify user configuration under ~/.openclaw, copy models.json and auth-profiles.json from existing agents, and restart the gateway. These actions are in-scope for agent creation but include copying auth-profiles.json (which may contain secrets) and performing system-wide changes (openclaw.json modification and gateway restart) without explicit safeguards.
- Install Mechanism (ok): This is an instruction-only skill with an included shell script and templates — there is no external download or package installation. No high-risk installers or remote URLs are used in the files provided.
- Credentials (concern): The skill declares no required environment variables or credentials, but it will copy auth-profiles.json from another agent if present. That file is likely to contain authentication information; duplicating it into new agent directories can spread sensitive credentials. Also the script uses node and openclaw binaries but does not declare them as required.
- Persistence & Privilege (ok): The skill does not request always:true or any special platform privileges. It does modify OpenClaw configuration files and restarts the gateway (normal for this purpose), which is an expected level of system change for an agent-creation tool.
