Clawd Modifier
Pass
Audited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill
Name: clawd-modifier
Version: 1.0.0
This skill is classified as suspicious due to its use of high-risk capabilities, specifically the direct modification of system-level files and a compiled binary. The scripts (`patch_art.py`, `patch_color.py`) modify the `cli.js` file, and `patch_binary.py` performs byte-level patching on the `claude` executable. While the stated purpose is benign (customizing a mascot's appearance), these actions involve powerful system modification techniques that carry inherent risks, even with included safeguards like backups and dry-run options. There is no clear evidence of malicious intent such as data exfiltration or persistence.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A cosmetic request could modify the trusted Claude Code executable itself; if a pattern match is wrong or the version differs, the CLI may behave unexpectedly or break.
The helper can locate a Claude executable in common install paths, perform broad byte-sequence replacement, and write the modified binary back to disk.
DEFAULT_PATHS = [Path.home() / ".local/bin/claude", "/usr/local/bin/claude", "/opt/homebrew/bin/claude"] ... data = data.replace(search, replace) ... binary_path.write_bytes(data)
Use only with an explicit user request, run dry-run/list modes first, keep backups enabled, verify the targeted Claude Code path and version, and prefer scoped configuration if available.
Mascot changes can affect future Claude Code sessions, not just the current request.
The documentation acknowledges that modifications persist in the installed CLI until an update or restore operation reverses them.
Changes are overwritten by `npm update` ... `python scripts/patch_art.py --restore`
Treat changes as persistent local modifications; keep backups, document what was changed, and restore before troubleshooting Claude Code issues.
Users have less external context for deciding whether to trust the patching scripts.
The registry information provides limited provenance for scripts that patch a core developer tool.
Source: unknown; Homepage: none
Inspect the scripts locally before use and avoid running them on important Claude Code installations unless you trust the skill source.
