Skillv1.0.0

ClawScan security

MH healthcheck · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 24, 2026, 6:18 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions and requested actions align with a host hardening/healthcheck purpose, but it is an instruction-only skill from an unknown source that assumes access to system tooling (and the openclaw CLI); review and confirm before running any checks or fixes.
Guidance: This skill appears to be what it says: a checklist and set of read-only checks for host hardening and an OpenClaw audit. Before installing/using it: 1) Note the skill comes from an unknown source/homepage — prefer skills with a verifiable author or repo. 2) Expect the agent to run system commands (uname, ss/lsof, firewall tools, tmutil, etc.) and the 'openclaw' CLI if present; confirm you want it to read that information. 3) The skill will ask for explicit approval before any state-changing actions (and warns that OpenClaw --fix affects OpenClaw settings only, not host firewall/SSH), so decline fixes until you have backups and a rollback plan. 4) Ensure the 'openclaw' CLI and any referenced tools are present in your environment, or the checks will be partial. 5) If you have sensitive data or strict policy, run the checks in a test environment first and verify the skill's outputs before applying changes. If you need higher assurance, ask the publisher for source code or a homepage before proceeding.

Review Dimensions

Purpose & Capability: okThe name/description describe host security hardening and risk posture checks and the SKILL.md contains exactly those checks (OS, listening ports, firewall status, backups, OpenClaw audit/status). There are no unrelated credential or install requests. One minor note: the skill assumes the presence of several system utilities and the 'openclaw' CLI but does not declare required binaries or how the CLI is provided.
Instruction Scope: noteInstructions tell the agent to run a set of read-only system commands (uname, sw_vers, /etc/os-release, ss/lsof, ufw/firewall-cmd/nft, tmutil, openclaw audit/update) and to ask explicit approval before making changes. This scope is appropriate for a host hardening checklist. The SKILL.md does instruct the agent to infer environment context automatically and to run OS-appropriate commands by default if the user permits; that behavior is expected but grants the agent broad read access to system state (appropriate for the purpose but worth user awareness). The skill does not explicitly list the binaries it will call, which reduces transparency.
Install Mechanism: okNo install spec and no code files — instruction-only. That minimizes disk-write/install risk. The lack of an install step is consistent with an advice/checklist-style skill.
Credentials: okThe skill requests no environment variables or credentials. It does require (implicitly) access to system command output and the OpenClaw CLI, which is proportional to its stated purpose. It explicitly requires user approval before any state-changing OpenClaw actions (e.g., --fix).
Persistence & Privilege: okalways:false and no install indicates no forced permanence. The skill can be invoked autonomously (platform default) but does not request elevated platform privileges or to persist config. The SKILL.md emphasizes explicit approval before state changes, which limits privilege escalation risk.