Starter Flow
Pass
Audited by ClawScan on May 10, 2026.
Overview
Starter Flow appears to be a straightforward, user-confirmed installer for five named OpenClaw skills, with the main caveat that it changes your skill set and relies on external ClawHub installs.
This skill looks safe to use as an onboarding installer if you want the listed five skills. Before confirming, review the preselected list, remember that installed skills persist until removed, and check the individual skill pages if you need stronger assurance about versions or privacy behavior.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Confirming the installer can add multiple new capabilities to the user's OpenClaw environment.
The script asks for user confirmation and then invokes the ClawHub installer for selected skill names. This is aligned with the stated purpose, but it changes the user's installed skill set.
read -p "确定要安装吗?(y/n): " confirm ... if clawhub install "$name"; then
Review the selected skills before pressing install, and uninstall any skill you do not want afterward.
The user may install the current marketplace versions of these skills rather than a fixed, reviewable bundle.
The installer pulls five external skills by slug without pinning versions or hashes. This is normal for a convenience installer, but the exact resolved versions depend on ClawHub at install time.
declare -a SKILLS=( "token-estimator:Token 预估..." ... ) ... clawhub install "$name"
If supply-chain certainty matters, check each target skill's page/version before installing or install them individually.
A user could overestimate how fully the package has verified the privacy behavior of every installed skill.
The privacy/safety wording is broad, while the documented install flow depends on ClawHub network access and the installed skills have their own implementations. This is not evidence of data leakage, but users should not treat it as a full privacy guarantee.
No cloud dependency, no privacy leakage ... Check network: ping clawhub.ai ... clawhub install token-estimator
Treat the local/no-cloud statement as a general claim for runtime intent, and review the individual installed skills' permissions and behavior.
