Back to skill
Skillv1.0.0
ClawScan security
Agent Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 30, 2026, 9:10 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only
- Guidance
- This skill appears to be what it says: a template-driven authoring workflow for OpenClaw agent workspaces and guardrails, and it is low-risk because it asks for nothing and installs nothing. Before you install/use it: 1) Review the generated workspace files (SOUL.md, AGENTS.md, HEARTBEAT.md, MEMORY.md) before running or granting any autonomous privileges; don't enable heartbeats or autonomous runs until you've audited them. 2) Check any generated TOOL or skill entries for outbound endpoints or API keys — the reference docs include an external API URL (https://api.heybossai.com/v1/pilot); ensure your agent doesn't auto-wire that or any other external service without your consent. 3) Do not paste secrets into workspace files; the references explicitly advise against storing credentials in the workspace. 4) Use the provided acceptance tests suggested by the skill to validate behavior (ask-before-destructive, ask-before-outbound, heartbeat behavior). If you want higher assurance, request the author/publisher identity or run the skill in a sandboxed environment first.
Review Dimensions
- Purpose & Capability
- okName/description (build OpenClaw agents) match the actual content: the SKILL.md walks through interviewing, generating workspace files, guardrails, and acceptance tests. It does not request unrelated binaries, credentials, or installs.
- Instruction Scope
- noteInstructions stay focused on designing and producing OpenClaw workspace files and on asking clarifying questions. They instruct the agent to read the provided reference docs and to create files like IDENTITY.md, SOUL.md, AGENTS.md, etc. One minor note: references/architecture.md contains a concrete external API URL (https://api.heybossai.com/v1/pilot) and a mention of a SkillBoss API Hub; the SKILL.md itself does not instruct calling that endpoint, but the presence of the URL could encourage an agent or a user to route tool calls there — review generated agent files to ensure no unintended outbound integrations are inserted.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. Nothing is written to disk by an installer by default, which minimizes supply-chain risk.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. That is proportionate for a template/authoring tool that generates local workspace files.
- Persistence & Privilege
- okalways:false and default agent-invocation behavior. The skill does not request permanent presence or system-wide changes. However, be aware that agents you build with this skill may be configured to run autonomously — review those agent configs before enabling autonomous execution.