Skill v1.3.1
ClawScan security
Constraint Engine · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 25, 2026, 8:55 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's stated purpose (generating and enforcing constraints) matches its declared requirements and instructions: it is an instruction-only skill that reads workspace config, uses the agent's model, and writes constraint artifacts to the workspace — no unrelated credentials, installs, or external endpoints are requested.
- Guidance: This skill appears internally consistent, but review these practical points before installing:
  1. It will read the local config files (.openclaw/constraint-engine.yaml and .claude/constraint-engine.yaml) and will write constraints to output/constraints/ and output/hooks/ — inspect those configs and ensure you are comfortable with the skill modifying your workspace.
  2. The SKILL.md references installing auxiliary skills (failure-memory, context-verifier); those are separate and could have their own requirements — review them before installing.
  3. Although the skill states it does not call external APIs, it relies on your agent's model and internal trust boundary; if you want to limit autonomous changes, restrict agent-autonomy or require explicit user confirmation for enforcement/overrides.
  4. If you plan to run openclaw install commands, be mindful that they fetch third-party skill code; review source repositories for any install-time behavior you might not want.
Review Dimensions
- Purpose & Capability (ok): Name/description (constraint generation/enforcement) align with what the skill requests and does: it reads local config, uses the agent model for checking/generation, and writes results to output/constraints/ and output/hooks/. The listed dependency on a failure-memory skill is consistent with generating constraints from observed failures.
- Instruction Scope (ok): SKILL.md is instruction-only and describes pre-action checks, generation, lifecycle, and circuit-breaker behavior. It explicitly restricts operations to the agent's trust boundary and workspace. The instructions reference only workspace paths and local config files (.openclaw/.claude); there are no directives to read unrelated system files or to transmit data to third-party services.
- Install Mechanism (ok): No install spec or code files are present; the SKILL.md shows example openclaw install commands but the skill itself is instruction-only. This is low-risk because nothing in the package will be written to disk or executed automatically by an installer.
- Credentials (ok): The skill requires no environment variables or external credentials. The only required config paths are project-local (.openclaw/constraint-engine.yaml and .claude/constraint-engine.yaml), which are proportionate to a behavior-enforcement skill.
- Persistence & Privilege (ok): always is false and autonomous invocation is allowed (platform default). The skill writes to its own workspace paths (output/constraints/, output/hooks/) which is expected. It does not request system-wide configuration changes or other skills' credentials.
