WOL
AdvisoryAudited by Static analysis on May 4, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A requested command may wake a configured or addressable computer on the local network.
The skill instructs the agent to run a local script that sends Wake-on-LAN packets. This is expected for the stated purpose, but it is still a real device-control action on the user's local network.
python3 ~/.openclaw/workspace/skills/wol/scripts/wol.py --target <target>
Only use this skill for devices you own or are authorized to wake, and review configured device names before invoking wake commands.
Full MAC addresses may appear in tool output and could be exposed if the agent summarizes or relays command results.
These outputs include full MAC addresses. That conflicts with SKILL.md's security guidance that says full MAC addresses should not be revealed through conversation.
print(f"Found {target} in devices as '{name}': {mac}") ... print(f"✓ Magic packet sent to {mac_address}") ... print(f"✓ Device '{name}' added: MAC={mac}, IP={ip}, Subnet={subnet_mask}")Update the script to mask MAC addresses in all printed output, not just list/show commands, or require the agent to suppress raw command output when it contains MAC addresses.
Saved device names, IP addresses, subnet masks, and MAC addresses remain in the skill's configuration file for later tasks.
The skill keeps a persistent local device registry containing network identifiers. This is purpose-aligned for WOL, but users should know the data persists across future uses.
Devices are stored in `references/devices.yaml`
Keep the device list limited to needed devices and remove entries when they are no longer required.