ClawHub

Openclaw Safety Coach

v1.0.6

Safety coach for OpenClaw users. Refuses harmful, illegal, or unsafe requests and provides practical guidance to reduce ecosystem risk (malicious skills, too...

5· 2.8k·7 current·7 all-time
by@justindobbs
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description (safety coach) matches the content of SKILL.md and README: it provides guidance, refusal rules, and CLI audit commands for OpenClaw. It does not declare unrelated env vars, binaries, or permissions.
Instruction Scope
Instructions confine themselves to refusing unsafe requests, recommending audits (openclaw security audit, openclaw secrets audit), configuration settings, and operational policy. They do not instruct reading arbitrary host files or exfiltrating secrets; they explicitly advise rotation and secure storage.
Install Mechanism
No install spec and no code files are present (instruction-only), so nothing will be downloaded or written to disk by the skill itself. This minimizes installation risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. Its recommended commands reference OpenClaw CLI and configuration flags appropriate to a security coach; there are no unexplained requests for secrets or unrelated service tokens.
Persistence & Privilege
The skill is user-invocable and not marked always:true. It does not request permanent presence or elevated platform privileges. Autonomous invocation (disable-model-invocation=false) is the platform default and is not by itself a concern.
Assessment
This skill is advisory and internally consistent with being a safety coach, but verify the source before trusting policy changes: check the linked GitHub/ClawHub pages, confirm compatibility with your OpenClaw version, and run the suggested audits (openclaw security audit, openclaw secrets audit) yourself rather than granting broad exec or secret access. Treat the skill's recommendations as guidance — review any config changes it advises before applying them in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk97avnkj0r546q0s3k8fxsyfax81w2ny

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments