Skill v1.0.0

ClawScan security

Openclaw Proper Usage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 7:51 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This skill is an instruction-only operational checklist for using OpenClaw and is internally consistent with its stated purpose; it does not request credentials, install code, or perform unexpected file/credential access.
Guidance
This skill is a usage/playbook and is internally coherent. Before installing, confirm your runtime supports the named backends (Gemini, Claude CLI, azure-openai/gpt-4.1) and that appropriate credentials for those providers are managed separately — the skill will not request them. Be aware it explicitly instructs spawning and monitoring subagents (sessions_spawn); review platform permissions and quotas for spawning agents and calling external models to avoid unexpected costs or over-privileged behavior. If you want stronger safety, require the skill to declare which provider credentials it needs or restrict which models it may invoke.

Review Dimensions

Purpose & Capability
ok: The name/description are a usage/playbook for operating OpenClaw. The SKILL.md contains routing, subagent patterns, and completion/triage rules which match that purpose; nothing requested (no env vars, no installs) appears out of scope for an operational guidance document.
Instruction Scope
note: Instructions tell the agent to pick tools, split work into subagents, and include concrete commands like sessions_spawn and agents_list. This is consistent with a coordinator/playbook, but it gives the agent the authority to spawn and monitor subagents and to target specific LLM backends (e.g., gemini, Claude CLI, azure-openai/gpt-4.1). The skill does not instruct the agent to read files, secrets, or unrelated system state.
Install Mechanism
ok: No install spec and no code files (instruction-only). No downloads or extracted archives — lowest-risk install footprint.
Credentials
note: The skill requests no environment variables or credentials. It references external models/services (Gemini, Claude CLI, azure-openai/gpt-4.1) but does not declare or request provider credentials; this is acceptable for an instruction-only skill but means runtime availability depends on the agent's environment and credentials provided elsewhere.
Persistence & Privilege
ok: always:false and no install actions. The skill can be invoked by the model (normal behavior) and instructs spawning subagents, but it does not request persistent system presence or modify other skills/configuration.