OpenClaw Claude Code Bailian Configuration

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a disclosed Claude Code integration skill, but it gives access to powerful coding, account, external-tool, and session features that users should intentionally control.

Before installing, confirm you trust Claude Code and any MCP servers you add, use plan or medium permission mode by default, keep API tokens private, and avoid auto or permission-skipping modes unless you have explicitly approved the scope of changes.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a user or agent chooses these modes, Claude Code may edit files or run development actions with fewer prompts.

Why it was flagged

The skill documents modes and flags that can reduce or bypass confirmations for Claude Code actions. It marks them as use-with-caution options rather than making them the default.

Skill content
| `auto` | Executes automatically, no confirmation required | ... | `--dangerously-skip-permissions` | Skips permission confirmation (use with caution) |

Recommendation

Prefer `plan` for reviews and `medium` for normal development; avoid `auto` and `--dangerously-skip-permissions` unless the user explicitly approves and the repository is backed up.

What this means

Installing or adding MCP servers can run third-party code on the user’s machine.

Why it was flagged

The skill includes user-directed commands that execute a remote installer and optional npm-based MCP server packages. These are relevant to the skill purpose but depend on external sources.

Skill content
irm https://claude.ai/install.ps1 | iex ... claude mcp add server-name --transport stdio -- env VAR=value -- npx -y mcp-server

Recommendation

Verify installer URLs and MCP package names, prefer official/pinned packages where possible, and do not run these commands from untrusted projects.

What this means

The CLI may use the user’s account, API quota, and configured provider token.

Why it was flagged

The skill requires Claude/third-party model account authentication and shows a local API token configuration. This is expected for a model-provider integration, but it is sensitive account authority.

Skill content
claude auth login --email user@example.com ... "ANTHROPIC_AUTH_TOKEN": "your-api-key-here", "ANTHROPIC_BASE_URL": "https://coding.dashscope.aliyuncs.com/apps/anthropic"

Recommendation

Use scoped credentials where available, keep tokens out of shared repositories, and review the provider endpoint before entering an API key.

What this means

Project data or prompts may be shared with configured MCP services, and those services may gain action authority such as repository, filesystem, database, or messaging access.

Why it was flagged

The skill describes connecting Claude Code to external MCP servers and services. This is disclosed and optional, but it can expand data and action boundaries.

Skill content
MCP lets Claude Code connect to external tools and services. ... HTTP mode ... SSE mode ... GitHub ... Filesystem ... Database ... Slack/Discord ... Jira

Recommendation

Only add trusted MCP servers, review their permissions, and separate sensitive workspaces from broad external integrations.

What this means

Old session context may influence later work or expose earlier project details within the resumed session.

Why it was flagged

The skill documents resuming previous Claude Code sessions, which can reuse prior task context.

Skill content
# Continue the most recent session
claude -c

# Resume a specific session
claude -r session-name

Recommendation

Start a new session for sensitive or unrelated tasks, and resume sessions only when prior context is still appropriate.