Skill v1.0.0

ClawScan security

OpenClaw Smart Agent Hub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 3:28 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, docs, and runtime instructions are consistent with a multi-provider/local-model routing manager: it reads/writes local YAML/JSON config, discovers local model endpoints, and optionally uses provider API keys configured in env or YAML.
Guidance
This skill appears to do what it claims, but please review and follow these precautions before installing or running it:
1) Inspect config/models.yaml in the package and your workspace. Do not leave real API keys in that YAML; prefer api_key_env and set keys in environment variables.
2) Add config/models.yaml (and any .env files) to .gitignore and avoid committing secrets.
3) Be aware the scripts will read and write files under the skill's config/ directory (they create a default config and a local_models_cache.json).
4) The auto-discovery feature issues HTTP requests to endpoints specified in local_discovery and provider base_url entries (commonly localhost). Only enable discovery or add endpoints you control.
5) Run the code in a least-privilege environment (container or restricted user) if you are unsure, and inspect any provider base_url entries for unexpected external hosts.
6) If you need further assurance, provide the author/source provenance (this package lists an AI author) or run the scripts in a sandbox to observe network activity and filesystem changes.

Review Dimensions

Purpose & Capability
ok: The files and scripts implement a multi-provider model router and provider manager as described: reading config/models.yaml, listing providers/models, auto-discovering local model services, and selecting models by task. There are no unrelated binaries, surprising dependencies, or requests for unrelated cloud credentials in the repository metadata.
Instruction Scope
note: SKILL.md and scripts instruct the agent to run Python scripts that read/write config/models.yaml and config/local_models_cache.json and perform HTTP requests to configured endpoints (local discovery endpoints and provider base_urls). This is within the stated purpose, but the skill will access the filesystem and make network requests to whatever endpoints exist in the config (including localhost).
Install Mechanism
ok: Instruction-only install (no external downloads). The only required packages are PyYAML and requests (standard). No extract-from-URL or third-party installers were found.
Credentials
note: The skill does not declare required env vars in registry metadata, but the code and examples support optional provider API keys via api_key or api_key_env (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY, BAILIAN_API_KEY). That is proportionate to its purpose, but users must supply/store those secrets securely (prefer env vars) and avoid committing config files containing keys.
Persistence & Privilege
ok: The skill does not request always:true and does not modify other skills. It writes/updates only its own config (config/models.yaml) and a local cache file (config/local_models_cache.json) which is expected for its functionality.