Claude Code Openclaw Skill

Review

Audited by ClawScan on May 10, 2026.

Overview

This instruction-only skill is coherent with its Claude Code purpose, but it enables broad code-editing, command-running, credentialed, MCP, session, hook, and sub-agent workflows that users should intentionally control.

Install this only if you want OpenClaw to call Claude Code on your codebase. Verify the Claude Code installer, authenticate intentionally, use least-privilege credentials, run risky work on a branch or sandbox, review commands and diffs before accepting changes, and avoid untrusted MCP, hook, or sub-agent configurations.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked in a repository, Claude Code may read or modify files, run project commands, and prepare commits or PR-related work according to the user's task.

Why it was flagged

The skill explicitly delegates broad codebase mutation and command execution to Claude Code through OpenClaw's exec workflow. This is central to the stated purpose, but it is high-impact authority.

Skill content

Editing files with AI assistance; Running terminal commands; Creating commits and PRs; Use OpenClaw's exec tool to run Claude Code commands

Recommendation

Use a branch or sandbox, review diffs and terminal commands before accepting changes, and consider Claude Code permission, turn-limit, and budget controls for risky tasks.

What this means

The installed Claude Code CLI and installer behavior are outside this skill's reviewed file set.

Why it was flagged

The setup instructions use a remote shell installer that is not part of the reviewed skill artifacts. It is user-directed and purpose-aligned, but not pinned or locally reviewable here.

Skill content

curl -fsSL https://claude.ai/install.sh | bash

Recommendation

Install only from the official Claude/Anthropic source, inspect installation instructions when possible, and avoid running remote installers in sensitive environments without review.

What this means

Connected accounts or tokens may allow access to private code or repository actions depending on how Claude Code and MCP servers are configured.

Why it was flagged

The skill expects Claude authentication and documents optional API or GitHub token use. These credentials are normal for the advertised integrations, but scopes and storage are not defined in the artifact.

Skill content

`claude auth login`; `ANTHROPIC_API_KEY`; `claude mcp add github '{"github_token": "..."}'`

Recommendation

Use least-privilege tokens, avoid broad personal tokens where possible, and verify which account and repository permissions are active before running mutation tasks.

What this means

A configured MCP server may receive project context or be able to act on external services according to its permissions.

Why it was flagged

The skill documents connecting Claude Code to MCP servers and external tools. This is an expected advanced feature, but server identity, permissions, and data boundaries depend on user configuration.

Skill content

`--mcp-config` | Load MCP servers ... `claude mcp add <server-name> <config>`

Recommendation

Use only trusted MCP servers, review their permissions, and avoid giving them unnecessary repository, filesystem, or account access.

What this means

A resumed session may influence future coding work with prior instructions or project details.

Why it was flagged

The skill documents resuming and forking Claude Code sessions, which can reuse prior conversation context. This is purpose-aligned but can carry stale, sensitive, or untrusted context into later tasks.

Skill content

Continue most recent conversation ... Resume session by ID or name ... Fork a session

Recommendation

Resume only sessions you trust, start a fresh session for unrelated or sensitive tasks, and review context when switching projects.

What this means

Misconfigured hooks or sub-agents could run extra actions or parallel workflows that are harder to review.

Why it was flagged

The skill documents optional sub-agents and hooks. The artifact does not configure hidden background behavior, but these features can expand automation beyond a single simple CLI request if the user enables them.

Skill content

Run multiple Claude Code instances in parallel ... `--agents` ... Hooks ... Automate actions before/after Claude Code runs

Recommendation

Enable hooks and sub-agents only when needed, keep their tools limited, and review their configuration before use.