Skill v0.1.0

ClawScan security

Openclaw Itsm Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 11, 2026, 5:24 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's described purpose (analyzing BlueKing ITSM tickets) is reasonable, but the runtime instructions reference Python scripts, config files, and optional API/webhook credentials that are not provided or declared, creating an incoherent and potentially risky setup.
Guidance
This skill's description and instructions align with an ITSM analysis tool, but the package is instruction-only and does not include the referenced Python scripts, config files, or reference documentation. Before installing or running it:

1) Ask the publisher for the missing scripts and a dependency list (Python version, required pip packages) and review their code for data-handling and network calls.
2) Do not provide BK_ITSM_API_KEY or WEBHOOK_URL until you have inspected the scripts; a webhook may send sensitive ticket data externally.
3) If you plan to run the scripts, run them in an isolated environment (sandbox/container) and audit outbound network traffic.
4) Prefer a version that bundles the implementation or points to a trusted repository (e.g., GitHub) with release artifacts you can inspect.

If the publisher cannot provide the missing artifacts or a trustworthy source, treat this skill as incomplete and avoid using it with real ticket data.

Review Dimensions

Purpose & Capability
Note: The skill's stated goal (analyzing BlueKing ITSM tickets, trend reports, clustering, and SLA monitoring) matches the instructions. Optional environment variables (BK_ITSM_API_*, WEBHOOK_URL) are relevant to the described integrations. However, the skill references many helper scripts, reference files, and a config.json that are not present in the package or metadata, which is inconsistent with a self-contained skill.
Instruction Scope
Concern: SKILL.md instructs the agent to run commands like `python scripts/analyze_ticket.py` and to read CSV/Excel exports and reference files. Because this is an instruction-only skill with no accompanying scripts or references, it's unclear what will actually run. The instructions also include optional pushing of reports to an external webhook (enterprise WeChat), which would transmit potentially sensitive ticket data off-site if configured. The instructions do not tell the agent to access unrelated system files, but their reliance on non-provided artifacts grants broad discretion and is unsafe without review.
Install Mechanism
OK: There is no install spec (instruction-only), so nothing is written to disk by the installer. This is low-risk in isolation, but combined with missing scripts it raises a usability/security concern: the skill expects local scripts to exist yet does not install or provide them.
Credentials
Concern: The metadata lists no required environment variables, but SKILL.md documents optional env vars BK_ITSM_API_URL, BK_ITSM_API_KEY and WEBHOOK_URL. Requesting an ITSM API key and optional webhook is reasonable for integrations, but the mismatch between declared requirements (none) and the instructions (which reference sensitive credentials) is inconsistent. The webhook option especially enables data exfiltration if set to an external URL; users should only provide such secrets after verifying the scripts that will use them.
Persistence & Privilege
OK: The skill does not request `always: true` and does not indicate writing to other skills' configs or system-wide settings. It appears to be invokable by the user and may be invoked autonomously (platform default), which increases risk if scripts are supplied by an unknown source, but the skill itself does not request elevated persistence.