Clawbridge Skill
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: clawbridge-skill
Version: 0.1.0
The skill's documentation (SKILL.md) clearly outlines its purpose as a web scouting agent, using tools like `web_search`, `web_fetch`, and `browser` to gather information. Crucially, it includes explicit security requirements for the AI agent, such as 'Keep secrets out of prompts', 'Use strict tool allowlists', and 'Human-in-the-loop - NEVER auto-send outreach'. These instructions actively mitigate common prompt injection and exfiltration risks, indicating a design focused on secure operation rather than malicious intent. There is no evidence of obfuscation, unauthorized execution, or attempts to bypass security controls.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the agent may perform repeated nightly web research until the user changes or stops that workflow.
The skill is designed for recurring autonomous scouting, which is sensitive operational behavior even though it is disclosed and central to the stated purpose.
persistent, nightly scouting operation ... Every night, the agent scours Moltbook, professional communities, and the open web.
Use explicit schedules, run budgets, and stop conditions, and review each daily brief before taking action.
The agent may browse and summarize public or community pages to identify people and draft messages.
The skill asks for external web and browser tooling. This is appropriate for scouting, but those tools should remain scoped to the user’s search goals and run budget.
`web_search` | Discover candidate pages ... `web_fetch` | Extract page content ... `browser` | JS-heavy sites
Keep tool allowlists narrow, set max_searches/max_fetches/max_minutes, and do not allow automatic outreach.
Users have less publisher/source context to verify before trusting the skill’s instructions.
The supplied package has limited provenance information. There is no code or install script in the artifacts, so this is a notice rather than evidence of unsafe behavior.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install only from a trusted registry entry or verified repository, and avoid substituting untrusted GitHub or CLI sources.
Generated briefs may store sensitive business intent, avoid lists, and candidate information that should not be broadly shared.
The skill produces persistent reports containing candidate evidence and outreach drafts. This is expected, but such reports can contain business goals and personal/professional contact context.
delivers a daily "Connection Brief" with evidence-backed matches and personalized outreach drafts ... Structured JSON (`run.json`) ... Human-Readable Markdown (`run.md`)
Store briefs in an appropriate location, delete stale reports, and verify evidence manually before using any draft outreach.
