OCC for OpenClaw

Pass

Audited by ClawScan on May 1, 2026.

Overview

This skill is coherent as an audit-plugin installer, but users should note that it installs external npm code and records limited metadata about every OpenClaw tool action.

Before installing, verify that you trust the npm package and source repository, decide whether remote, stub, or self-hosted proofing fits your privacy needs, and protect the local proof log directory because it records an ongoing history of agent tool activity.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1 of 3

What this means

Installing the package changes the local OpenClaw environment and loads plugin code from npm.

Why it was flagged

The skill relies on a user-installed external npm package and installer to add the OpenClaw plugin; this is expected for the stated purpose, but the executable code is outside the instruction-only artifact.

Skill content

npm install -g openclaw-occ
openclaw-occ install

Recommendation

Verify the npm package, source repository, and version before installing; consider reviewing or pinning the package if used in a sensitive environment.

Finding 2 of 3

What this means

Anyone with access to the proof directory may be able to infer what tools were used and when, even if file contents or command contents are not stored.

Why it was flagged

The skill creates persistent, agent-wide records of tool activity. This is the core audit function, but it creates a long-lived local activity trail.

Skill content

commits a cryptographic OCC proof after every tool the agent runs ... Proofs are stored locally in `~/.openclaw/workspace/occ-proofs/` as append-only JSONL files.

Recommendation

Protect the proof directory, decide how long to retain proofs, and use the documented stub or self-hosted modes if local-only control is preferred.

Finding 3 of 3

What this means

The hosted notary receives limited metadata such as tool name, timestamp, hash chain data, and counters for agent actions.

Why it was flagged

The default configuration sends proof metadata to an external hosted notary. The artifact discloses this data flow and offers local or self-hosted alternatives.

Skill content

`remote` | POST to one notary ... **Default.** ... `"notaries": ["https://occ-notary.gjp9tm85hq.workers.dev/commit"]`

Recommendation

Choose remote mode only if you are comfortable with the hosted notary receiving action metadata; otherwise configure `stub` mode or a self-hosted notary.