Clawtrix Skill Advisor
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill appears purpose-aligned and non-mutating, but it reads local mission/context files and may send mission keywords or installed-skill names to external services for recommendations.
This looks safe to install as an advisory, instruction-only skill if you are comfortable with it inspecting your skill list and mission files. Before following any install/remove recommendation, confirm what data was queried externally and ask whether ClawBrain peer signals were actually available.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect your installed skills and local context-file sizes during an audit.
The skill instructs the agent to run local commands to inventory installed skills and measure context files. This is disclosed and aligned with a skill-stack audit, and the commands shown are read-only (a skill listing and a byte count), so they do not modify the workspace. Note that ClawScan reviews the instructions only; it does not observe what the agent actually executes.
When the heartbeat fires or the user asks for a skill review, execute this sequence: ... openclaw skills list ... wc -c MEMORY.md SOUL.md AGENTS.md
Allow the audit only if you are comfortable with the agent enumerating installed skills and checking these workspace files; review recommendations before acting on them.
Information in SOUL.md can shape what skills the agent recommends and may indirectly influence future agent behavior.
The skill uses persistent workspace context to determine the agent's mission and score recommendations. This is purpose-aligned, but persistent context can contain sensitive details, and it is also an injection surface: anything that can write to SOUL.md (another skill, a tool with workspace access, or a compromised sync) can steer which skills are recommended for install or removal.
Read `SOUL.md` (workspace root). Extract: Agent role / primary goal; Active tools and workflows; Domain...
Keep mission/context files accurate and free of secrets; treat recommendations as advisory and verify them independently.
External services may receive clues about your agent's mission, domain, tools, and installed or candidate skills.
The skill sends mission-derived keywords and candidate skill slugs to external services for search and peer-signal enrichment. This is disclosed and central to the recommendation purpose, but it crosses a data boundary.
Search ClawHub (`clawhub.ai/api/v1/search?q={mission-keyword}&limit=20`) using 2–3 different keywords from your SOUL.md... If `CLAWBRAIN_API_URL` is set... query ClawBrain...
Use this only if sharing mission keywords and skill metadata with those services is acceptable; avoid putting sensitive project details in searchable mission keywords.
A recommendation may be based mostly on local rules and public search results rather than live peer intelligence.
The skill strongly markets live peer intelligence, but the peer-signal step is optional and is skipped without an error whenever `CLAWBRAIN_API_URL` is unset. Because nothing is surfaced when the step is skipped, a recommendation built only from local rules and public ClawHub search results is indistinguishable, in the agent's output, from one backed by peer validation, so users may overestimate how much peer validation informed it.
Clawtrix uses live peer signals... If `CLAWBRAIN_API_URL` is not set, skip this step silently — do not surface an error.
Ask the agent to state whether ClawBrain peer signals were actually used before relying on peer-validation claims.
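An added offline pre-flight for the two findings above (the external search step and the silently skipped peer-signal step). This is example code written for this page, not code from Clawtrix, ClawHub, ClawBrain or ClawScan. It reads a constructed SOUL.md, extracts the mission keywords the skill says it uses, screens them against a caller-supplied list of sensitive terms, prints the exact ClawHub URLs that would be requested (assuming an https scheme; the skill text shows none), and reports whether the ClawBrain step could run at all. Nothing is sent. The "Field: value" layout of SOUL.md, the field names, and the sensitive-term list are assumptions for the demo.

```python
"""Offline pre-flight for the Clawtrix search step: show what would leave the
machine and whether peer signals could have been used. Nothing is sent."""
import os
import re
from urllib.parse import quote_plus

# Assumption: SOUL.md carries "Field: value" lines for the fields the skill
# says it extracts (role, tools, domain). Real files may be free-form.
FIELDS = ("role", "primary goal", "tools", "workflows", "domain")

# Constructed sample SOUL.md for the demo, not a real workspace file.
SAMPLE_SOUL = """# SOUL
Role: release engineer
Domain: fintech, PCI scope
Tools: openclaw, terraform, github actions
Notes: customer ACME Corp onboarding in Q3 (confidential)
"""


def extract_keywords(soul_text, limit=3):
    """Pull mission keywords from the fields the skill reads, in file order.
    The skill uses 2-3 keywords, so stop at `limit`."""
    keywords = []
    for line in soul_text.splitlines():
        m = re.match(r"^\s*([A-Za-z ]+):\s*(.+)$", line)
        if not m or m.group(1).strip().lower() not in FIELDS:
            continue
        for part in re.split(r"[,;/]", m.group(2)):
            part = part.strip().lower()
            if part and part not in keywords:
                keywords.append(part)
    return keywords[:limit]


def screen_keywords(keywords, sensitive_terms):
    """Split keywords into those safe to send and those that would leak
    project detail to a third-party search endpoint."""
    safe, blocked = [], []
    for kw in keywords:
        if any(term.lower() in kw for term in sensitive_terms):
            blocked.append(kw)
        else:
            safe.append(kw)
    return safe, blocked


def planned_queries(keywords):
    """URLs the skill would request. Assumption: https; the page shows no scheme."""
    return [f"https://clawhub.ai/api/v1/search?q={quote_plus(kw)}&limit=20"
            for kw in keywords]


def peer_signal_status(env):
    """The skill skips ClawBrain silently when CLAWBRAIN_API_URL is unset;
    surface that so a recommendation is not mistaken for peer-validated."""
    url = env.get("CLAWBRAIN_API_URL")
    if not url:
        return "peer signals unavailable: CLAWBRAIN_API_URL not set, step silently skipped"
    return f"peer signals will be queried at {url}"


def preflight(soul_text, sensitive_terms, env):
    """Full report: keywords found, keywords withheld, outbound URLs, peer status."""
    keywords = extract_keywords(soul_text)
    safe, blocked = screen_keywords(keywords, sensitive_terms)
    return {
        "keywords": keywords,
        "blocked": blocked,
        "queries": planned_queries(safe),
        "peer_signals": peer_signal_status(env),
    }


if __name__ == "__main__":
    # Sensitive terms are an assumption; use your own project's deny-list.
    report = preflight(SAMPLE_SOUL, ["pci", "acme"], os.environ)
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run it before letting the audit fire: the "queries" list is the data boundary crossing the finding describes, "blocked" shows which of your own mission words you would not want indexed by a public search API, and "peer_signals" answers the question in the mitigation above without relying on the agent's self-report.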
