Skill v1.0.0

ClawScan security

Context Management · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 19, 2026, 4:00 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and instructions are consistent with its stated purpose (managing context and checkpoints); it has no hidden network hooks or credential asks, but it does read/write workspace files and recommends changing system compaction/pruning config, so exercise normal caution before applying config changes.
Guidance
This skill appears coherent and its behavior matches its description. Before installing or using it: (1) understand that it will read and write files in the workspace root (.context-checkpoint.md), and these checkpoints may contain session details you may not want saved; (2) it suggests changing OpenClaw gateway/agent defaults (compaction/pruning) via gateway config.patch, so only do this if you have proper permissions and have backed up the current config; (3) confirm that the platform-provided commands it references (session_status, gateway) are available and that the agent is allowed to run them; (4) if you don't want the agent to change global settings automatically, avoid executing the config.patch steps or restrict the skill's autonomous invocation; (5) review .context-policy.yml in your workspace to control spawn policy behavior. Overall: low-risk, but exercise normal operational caution around config changes and persisted checkpoints.

Review Dimensions

Purpose & Capability
ok
Name/description match behavior: the SKILL.md and included script focus on measuring context usage, spawning sub-agents, writing a workspace checkpoint, and advising config tuning. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
ok
Instructions stay within context-management scope: they call session_status, examine or create .context-policy.yml and .context-checkpoint.md, read daily logs (memory/{today}.md), and spawn sub-agents. These are expected operations for this purpose. Note: the guidance also instructs using the platform 'gateway' to read/patch agent-level config (agents.defaults.compaction, contextPruning), which is sensitive but relevant to the skill's goal.
Install Mechanism
ok
Instruction-only skill with no install spec. There is a small shell script included for checkpoint file read/write; no downloads or external installers are used.
Credentials
ok
The skill requests no environment variables, credentials, or nonstandard config paths. It writes/reads workspace files (.context-checkpoint.md, optional policy file) which is proportionate to checkpointing and recovery.
Persistence & Privilege
concern
The skill is not always-enabled and is user-invocable (normal). However, it explicitly recommends and documents how to patch global gateway/agent defaults (compaction and pruning). Changing these system-wide settings can affect other agents and sessions; apply those changes only with appropriate permissions and backups.