Skill v1.0.0

ClawScan security

Twinify · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 11, 2026, 9:16 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's files and instructions are internally consistent with its stated purpose (making AI twins from WhatsApp exports), but it handles sensitive personal data and includes steps that modify local agent/workspace configuration — so review consent, storage, and any config patches before use.
Guidance
This skill appears to do what it says: parse local WhatsApp exports and generate profile files for a persistent OpenClaw agent. Before installing or running it:
- Confirm you have explicit, informed consent from the person whose chats you will use (the SKILL.md emphasizes this). Unauthorized use is a serious privacy and ethical risk.
- Inspect the generated files and any config patch (gateway config.patch) before applying it — ensure it only registers the new agent and does not alter unrelated agents or global settings.
- Keep the workspace secure (permissions/encryption) because parsed messages and persona files contain sensitive personal data. Delete all workspace files if the subject withdraws consent.
- Verify how your LLM provider is configured on this platform so you understand whether any data is sent to external services and what logging/retention policies apply.
- If you need higher assurance, run the parser on a sanitized sample and manually review outputs before creating a real twin.

Given the privacy sensitivity, proceed only after confirming consent and reviewing the files/config changes the skill will make.

Review Dimensions

Purpose & Capability
ok
Name/description match the included materials. The parser script and the guides (SOUL/EXAMPLES/ANIT-EXAMPLES/MEMORY) are appropriate for building a persona from WhatsApp exports. Requested artifacts (local workspace files, agent registration) are coherent with creating an OpenClaw agent.
Instruction Scope
note
SKILL.md stays focused on parsing chat exports, generating persona files, and registering an agent. It explicitly requires consent and says data should be processed locally. It does instruct the user/agent to create files under ~/.openclaw and to run a gateway config.patch step to register the agent — this legitimately relates to creating a persistent agent but is a potentially sensitive operation (modifying local/OpenClaw configuration).
Install Mechanism
ok
Instruction-only skill with a small included Python parser script; no install spec or external downloads. The parser is simple, has no network calls, and writes outputs locally — low install risk.
Credentials
ok
The skill declares no environment variables or external credentials, and the code does not access outside secrets. It does rely on an LLM API at runtime implicitly (SKILL.md references LLM analysis) but does not request keys itself — this is consistent with platform-provided LLM access.
Persistence & Privilege
note
The workflow creates persistent agent files and instructs registering the twin in OpenClaw config. The skill itself does not request always:true and does not autonomously escalate privileges, but the created twin will persist in the user's workspace and could be invoked later — users should inspect created config patches and agent files before registering.