OpenClaw Problem Solver (Auto-Fix the Crayfish)

Pending: VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

A wrong or maliciously influenced search result could lead the agent to run an unsafe local test command before the user has reviewed the exact command and scope.

Why it was flagged

This directs the agent to run local commands/tests based on externally retrieved material. Local exec is purpose-aligned for troubleshooting, but the artifact does not clearly require explicit approval, sandboxing, or command allowlisting for this initial test path.

Skill content

**Initial Test:** Proactively call `exec` with an MRE derived from search results.

Recommendation

Require explicit user approval for every exec command, show the exact command and working directory, run only in a temporary/sandboxed project when possible, and avoid executing code copied from search results without review.

What this means

Problem descriptions, commands, and solution summaries may remain in memory after the session and influence future answers.

Why it was flagged

The skill intentionally persists troubleshooting details and session state for future use. This is aligned with its knowledge-creation purpose, but users should know issue details may be retained and reused.

Skill content

Store the core problem/solution pair as a permanent fact... Update State (`~/proactivity/session-state.md`).

Recommendation

Do not include secrets in bug reports; prefer redacted summaries for memory, and provide a way for the user to review or delete saved troubleshooting memories.

What this means

Local profile or identity context may be used while diagnosing an OpenClaw issue.

Why it was flagged

The skill reads local user-context files to personalize troubleshooting. This appears purpose-aligned, but those files may contain private identity or preference information.

Skill content

**Action:** Read `USER.md` and `IDENTITY.md`.

Recommendation

Keep sensitive identity details out of these context files or ensure the agent only uses the minimum needed information for the troubleshooting task.