Skill v1.1.0
ClawScan security
Clawsmith · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Feb 24, 2026, 11:42 AM)
- Verdict
- Benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- ClawSmith's declared requirements (clawhub, git) and install step (installing the clawhub CLI via npm) align with its stated purpose of scaffolding, auditing, and publishing OpenClaw skills; nothing in the SKILL.md demands unrelated credentials or system-wide access.
- Guidance
- ClawSmith appears consistent with its stated purpose, but take these practical precautions before installing or using it:
  1) Verify the provenance of the 'clawhub' npm package (check the package page, author, and source repo) before running npm installs.
  2) Review any generated SKILL.md and any helper scripts produced by the skill (especially code-generation Mode 5) before saving or executing them.
  3) Do not run clawhub publish or other publish/install commands until you inspect the files and confirm they don't embed hardcoded credentials or blind download/install commands.
  4) Consider testing installs and generated artifacts in an isolated environment (VM or container) first.
  If you want higher confidence, provide the upstream source URL or package repository for 'clawhub' and the skill author so I can re-evaluate with that context.
Review Dimensions
- Purpose & Capability
- ok
- The skill claims to create, audit, and publish OpenClaw skills and declares the exact tools needed (clawhub CLI and git). The install spec installs the clawhub CLI (npm package) which is required to run its suggested publish/install commands, so requested binaries match the stated functionality.
- Instruction Scope
- note
- SKILL.md instructs the agent and user to generate SKILL.md files, write them to ~/.openclaw/skills/, and use clawhub publish. Those actions are expected for a skill-creation/publishing tool. Caveat: several modes (e.g., Mode 5 code generation, Mode 8 'one-click pipeline', Mode 10 bulk creation) may produce helper scripts or scaffold files — you should review any generated scripts and the generated SKILL.md before running publish commands.
- Install Mechanism
- note
- Install spec is a node (npm) package 'clawhub' that creates a 'clawhub' binary. Using npm to install a CLI is reasonable for this use case, but npm packages carry supply-chain risk. The registry metadata does not point to a homepage or source repo for verification.
- Credentials
- ok
- No environment variables or credentials are requested by the skill. The SKILL.md emphasizes declaring required bins/envs in generated SKILL.md files. There is no unexplained request for unrelated secrets or config paths.
- Persistence & Privilege
- ok
- The skill does not request always:true or any elevated platform privilege. It asks the user to save generated SKILL.md into the user's skills folder and to run clawhub publish manually — standard for a publishing tool and not privileged.
