Claw Deep Research

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent deep-research workflow, but it may run background sub-agents, reuse prior research memory, cache intermediate notes, and save report files.

This skill appears safe for its stated research purpose. Before using it, decide whether you want background sub-agent execution, choose an appropriate research depth to control search/model usage, and specify whether reports should be saved to disk or returned only in chat. For sensitive topics, clear the .deep-research-cache and avoid continuing from prior memory unless you trust the previous research.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI10: Rogue Agents
Low
What this means

A research task may continue in the background and consume search/model quota after the initial request.

Why it was flagged

The skill can start a dedicated background research sub-agent automatically for deeper research tasks when sub-agent concurrency is available.

Skill content
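Use `sessions_spawn` to create a dedicated research sub-agent so that the research runs asynchronously in the background ... automatically select Mode B (sub-agent execution)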
Recommendation

If you do not want background execution, ask the agent to use inline mode, lower the research depth, or confirm before spawning a sub-agent.

ASI06: Memory and Context Poisoning
Low
What this means

Old or cached research could influence later reports, and sensitive research topics may remain in local cache files if a run is interrupted.

Why it was flagged

The workflow can read prior research memory and store intermediate research cards in a local cache file for recovery between phases.

Skill content
Use `memory_search` to search for history records related to the current topic ... Path: `~/.openclaw/workspace/.deep-research-cache/[topic-hash]-learnings.json` ... Clean up the cache file after the research is complete
Recommendation

Review prompts before continuing from old research, and clear the deep-research cache or avoid memory reuse for sensitive topics.

ASI02: Tool Misuse and Exploitation
Info
What this means

The skill may create Markdown report files on your Desktop, in the OpenClaw workspace, or in a temporary directory.

Why it was flagged

The documentation says the agent will try to write generated reports to local filesystem locations.

Skill content
The agent tries to save the full report to your Desktop, but gracefully degrades: Desktop writable? → ~/Desktop/report.md ... Workspace writable? ... Temp dir writable?
Recommendation

Specify your preferred output location, or ask for chat-only output if you do not want local files created.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Manual installation from GitHub could install content that differs from the reviewed ClawHub package.

Why it was flagged

The README offers a manual install path that clones the current contents of a GitHub repository rather than a pinned reviewed artifact.

Skill content
git clone https://github.com/midboss1028-beep/claw-deep-research.git
Recommendation

Prefer the reviewed ClawHub install path, or inspect and pin the repository version before manual installation.