Manus
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: manus Version: 1.3.1 The manus skill is a legitimate integration for the Manus AI platform, providing tools to create, monitor, and download results from autonomous agent tasks. The implementation in `scripts/manus.sh` follows good security practices, such as sanitizing filenames before downloading and using `jq` to safely handle JSON payloads, with no evidence of malicious intent or data exfiltration.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Manus task may run autonomously based on the prompt and could produce actions, results, or provider-side costs the user did not fully anticipate.
The skill intentionally delegates work to an external autonomous agent that can use tools; this matches the stated purpose but is still a capability users should notice.
Use the Manus API to create autonomous AI tasks. Manus can browse the web, use tools, and deliver complete results
Use clear, bounded prompts, avoid delegating sensitive or irreversible decisions, and review Manus outputs before relying on them.
Anyone or any process with access to the key could use the Manus account, view tasks available to the key, or create new tasks that may consume credits.
The skill requires a Manus API key and uses it to create, list, and read tasks; this is expected for the integration but grants account-level access to Manus operations.
Header: `API_KEY: <your-key>` ... Set via: - `MANUS_API_KEY` env var - Or `skills.manus.apiKey`
Store the key securely, use the least-privileged key available, rotate it if exposed, and monitor Manus account usage.
Information included in prompts or generated outputs may be processed and stored by Manus, and shareable links may broaden access depending on Manus link controls.
User prompts are sent to the external Manus service, and the recommended workflow creates shareable task links; this is disclosed but affects data boundaries.
"prompt": "Your task description here" ... "createShareableLink": true
Do not include secrets, regulated data, or private business information unless Manus is approved for that data; consider disabling share links if the API supports it.
If installed manually from the repository, users must trust the current repository contents rather than a pinned reviewed revision.
The documented manual installation pulls code from a GitHub repository without pinning a commit; this is common but makes provenance dependent on the repository at install time.
git clone https://github.com/mvanhorn/clawdbot-skill-manus.git ~/.openclaw/skills/manus
Install from the reviewed registry package when possible, or pin and inspect a specific Git commit before manual installation.