Skill Polisher

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is mostly local and purpose-aligned, but its scripts do not validate skill names before using them in file paths, so crafted names could make it read or write outside its intended folders.

Install only if you are comfortable with local feedback history being retained. Use ordinary skill names only, and prefer an updated version that validates skill names and guarantees all writes stay under ~/.openclaw/workspace/.skill-polisher/.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Normal use with real skill names should work as intended, but a crafted or mistaken skill name could cause local files to be written outside the expected folder.

Why it was flagged

The user- or agent-supplied skill name is joined directly into a filesystem path without visible validation. A value containing path traversal such as '../' could create feedback directories and files outside the declared .skill-polisher area.

Skill content
parser.add_argument("--skill", required=True, help="skill name")
...
skill_dir = base_dir / skill_name
skill_dir.mkdir(parents=True, exist_ok=True)
Recommendation

Validate skill names against a strict pattern such as lowercase letters, numbers, and hyphens before any file operation, and resolve paths to confirm they remain inside the intended base directory.
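The following is an added example, not code from the Skill Polisher skill or from ClawScan, showing the two checks the recommendation describes side by side with the direct-join pattern quoted above. The regex, the function names, and the temporary base directory are assumptions made for the example; the only thing taken from the page is the `base_dir / skill_name` join. The second check (comparing the resolved target's parent with the resolved base) also catches a case the regex alone cannot: a directory entry with a valid-looking name that is a symlink to a location outside the base.

```python
"""Added example (not the skill's own code): validate an agent-supplied skill
name before it touches the filesystem, and confirm the resolved path stays
under the intended base directory."""
import os
import re
import tempfile
from pathlib import Path

# Strict allow-list: lowercase letters and digits, single hyphens inside.
# Rejects "../x", "/abs", "My-Skill", "", ".hidden", "a b" and "a--b".
SKILL_NAME_RE = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)*")


def is_valid_skill_name(name: str) -> bool:
    return SKILL_NAME_RE.fullmatch(name) is not None


def unsafe_skill_dir(base_dir: Path, skill_name: str) -> Path:
    # The pattern flagged in the report: the name is joined straight into the path.
    return base_dir / skill_name


def safe_skill_dir(base_dir: Path, skill_name: str) -> Path:
    """Return base_dir/<skill_name>, or raise ValueError if it would escape base_dir."""
    if not is_valid_skill_name(skill_name):
        raise ValueError(f"invalid skill name: {skill_name!r}")
    base = base_dir.resolve()
    target = (base / skill_name).resolve()
    # Independent second check: the regex already blocks '..' and '/', but
    # resolve() also follows symlinks, so a pre-planted link with a valid name
    # that points outside base_dir is rejected here as well.
    if target.parent != base:
        raise ValueError(f"{skill_name!r} resolves outside {base}")
    return target


def escapes(base_dir: Path, candidate: Path) -> bool:
    """True if candidate (after resolving) is not inside base_dir."""
    try:
        candidate.resolve().relative_to(base_dir.resolve())
        return False
    except ValueError:
        return True


def demo() -> dict:
    """Exercise both versions against a constructed temporary base directory."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / ".skill-polisher" / "feedback"
        base.mkdir(parents=True)
        crafted = "../../escaped"  # constructed traversal input

        unsafe_target = unsafe_skill_dir(base, crafted)
        unsafe_target.mkdir(parents=True, exist_ok=True)  # lands in <tmp>/escaped
        unsafe_escaped = escapes(base, unsafe_target)

        try:
            safe_skill_dir(base, crafted)
            safe_rejected = False
        except ValueError:
            safe_rejected = True

        good = safe_skill_dir(base, "my-skill")
        good.mkdir(parents=True, exist_ok=True)

        # Symlink case: valid-looking name, but the entry points elsewhere.
        outside = Path(tmp) / "elsewhere"
        outside.mkdir()
        symlink_caught = None  # stays None on platforms without symlink support
        try:
            os.symlink(outside, base / "linked-skill", target_is_directory=True)
            try:
                safe_skill_dir(base, "linked-skill")
                symlink_caught = False
            except ValueError:
                symlink_caught = True
        except OSError:
            pass

        return {
            "unsafe_escaped": unsafe_escaped,
            "safe_rejected": safe_rejected,
            "safe_ok_inside": not escapes(base, good),
            "symlink_caught": symlink_caught,
        }


if __name__ == "__main__":
    print(demo())
```

Running the module prints the four outcomes: the direct join creates a directory two levels above the feedback folder, the validated version refuses the same input, an ordinary name lands inside the base, and the symlinked entry is rejected by the containment check even though its name passes the regex.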

What this means

Comments or expectations entered by the user may remain on disk and be reused in later reports or suggestions.

Why it was flagged

The skill intentionally stores persistent local feedback, expectations, metrics, and improvement history that may influence future recommendations.

Skill content
~/.openclaw/workspace/.skill-polisher/
├── feedback/                    # user feedback records
├── expectations/               # skill success criteria
├── metrics/                    # aggregated metrics
├── polish-history/            # polishing history
Recommendation

Avoid putting secrets or sensitive project details in feedback comments, and provide a clear cleanup or retention option for stored feedback data.