Muguozi1 Openclaw Json Repair
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill appears to repair JSON as advertised, but its file mode can overwrite selected files and the documentation overstates automatic backup protection.
This skill is not showing exfiltration or hidden execution, but treat file repair as a write operation. Run it on copies or with --backup, and do not rely on the documentation’s claim that backups are always automatic unless the implementation is fixed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent repairs the wrong file or the repair changes meaning, the original file may be overwritten unless --backup was used.
The CLI file mode reads and overwrites the specified file. Backup is conditional on --backup, and there is no confirmation step before writing.
if (argMap.file) { ... const content = fs.readFileSync(filePath, 'utf-8'); ... if (argMap.backup) { ... fs.copyFileSync(filePath, backupPath); } ... fs.writeFileSync(filePath, JSON.stringify(result, null, 2));Use file repair only on intended files, pass --backup by default, and review the repaired output before replacing important configuration files.
A user may assume they can restore the original file even when no backup was actually created.
This documentation claims backups are automatic, but the implementation only creates a .bak file when the --backup option is present. That can give users a false sense of recoverability.
1. **备份**: 修复文件时会自动创建 `.bak` 备份
Correct the documentation or change the implementation so file mode always creates a backup before overwriting.
Users may need Node/npm available despite no declared binary or install requirement.
The skill documents a local npm install step even though the registry says there is no install spec. The package file shows no dependencies or install scripts, so this appears purpose-aligned but should be noticed.
cd skills/json-repair npm install
Declare the Node/npm requirement and install expectations in metadata, or remove the unnecessary npm install instruction.