ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Power Ops

v1.0.0

Operate and maintain OpenClaw installations — CLI commands, config management, channel/agent/model setup, security auditing, troubleshooting, and gateway adm...

0· 1.3k·10 current·11 all-time
by@kapslap
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and all commands in SKILL.md and references are consistent with an OpenClaw operations/admin helper: CLI commands, config paths, gateway, agents, channels, security audits, and remediation steps. No unrelated binaries or env vars are requested.
!
Instruction Scope
Instructions tell the agent to read local OpenClaw state (e.g., ~/.openclaw, openclaw.json, credentials directories) and to run potentially state-changing commands (e.g., `openclaw security audit --fix`, `openclaw doctor --fix`, `openclaw gateway restart`). Those are within admin scope, but the SKILL.md also instructs to 'Load the docs before turning it loose' and to run `claude` to 'Audit this workspace' without clarifying whether that LLM runs locally or remotely. If the LLM is remote, this step could leak secrets (bot tokens, credentials, configs) to an external service. The automatic fix commands can also modify sensitive configuration — backup/confirm before running.
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal surface area and nothing is written to disk by the skill itself.
Credentials
The skill declares no required env vars or credentials (proportional), but its guidance deals extensively with secrets (bot tokens, tokenFile migration, gateway.auth.token generation, permission changes). Because the skill directs handling of secrets and suggests sending workspace contents to an LLM, the lack of explicit constraints about where the LLM runs or how secrets are handled is notable.
Persistence & Privilege
The skill does not request persistent/always-on privileges and uses normal autonomous-invocation defaults. It does not attempt to modify other skills or system-wide agent settings beyond advising use of the OpenClaw CLI.
What to consider before installing
This skill appears to be a legitimate OpenClaw admin reference, but proceed cautiously because the source is unknown and some instructions can expose or change secrets. Before installing or invoking: 1) Verify the skill content against official OpenClaw docs at https://docs.openclaw.ai; 2) Back up openclaw.json, credentials/, and agent workspaces before running --fix commands; 3) Avoid running any LLM audit that sends your ~/.openclaw or credential files to a remote service — if you must use an LLM, ensure it's configured to run locally or redact secrets first; 4) Prefer running audit/doctor commands in read-only or dry-run mode first and review proposed fixes manually; 5) Confirm any generated tokens/permission changes (e.g., gateway.auth.token, chmod changes) are applied intentionally. If you don't trust the unknown owner, treat this as documentation only and perform changes manually after review.

Like a lobster shell, security has layers — review code before you run it.

latestvk9725evmr0znpb2shf51ejc79h81w3kr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments