NormieClaw Full Stack

Pass

Audited by VirusTotal on May 10, 2026.

Overview

Type: OpenClaw Skill
Name: normieclaw-full-stack
Version: 1.0.0

The NormieClaw Full Stack bundle is a collection of 34 skills for the OpenClaw ecosystem that applies the same defensive measures consistently across its scripts. Every SKILL.md carries explicit prompt-injection defense instructions, and setup scripts such as health-buddy-pro/scripts/health-buddy-init.sh create files and directories with restrictive permissions (chmod 600/700 and umask 077). Python and Bash scripts use path canonicalization and strict regex-based input validation to prevent path traversal (e.g., hireme-pro/scripts/generate-resume-pdf.sh and party-planner-pro/scripts/export-plan.sh). All network activity, such as SEC EDGAR checks, is purpose-aligned and disclosed, and the PDF generation script (docuscan/scripts/generate-pdf.py) explicitly disables JavaScript and blocks non-local requests so that a crafted document cannot exfiltrate data during rendering. No malicious intent or critical vulnerabilities were identified.
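The path-traversal defense described above, as an added example in POSIX shell (this is illustrative code, not the bundle's export-plan.sh or any other script in the package): a user-supplied export name must match a strict allowlist pattern, and the joined path is then canonicalized and required to still lie under the export directory, which is what catches a symlink planted inside that directory. EXPORT_DIR, safe_export_path and the reliance on GNU coreutils' realpath -m are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not code from the NormieClaw bundle. Demonstrates the
# "strict regex + canonicalization" pattern for user-controlled file names.
# Assumes GNU coreutils (realpath -m). EXPORT_DIR and safe_export_path are
# names chosen for this example.

EXPORT_DIR="${EXPORT_DIR:-$(mktemp -d)}"

# safe_export_path NAME
# Prints the canonical absolute path for NAME inside EXPORT_DIR and returns 0,
# or prints nothing and returns 1 if NAME is rejected.
safe_export_path() {
    name="$1"
    nl="$(printf '\nx')"; nl="${nl%x}"

    # Reject embedded newlines outright: grep would otherwise only test the
    # first line of a multi-line name.
    case "$name" in *"$nl"*) return 1 ;; esac

    # Allowlist: 1-64 chars from [A-Za-z0-9._-], not starting with a dot
    # (hidden files) or a dash (option injection into later commands).
    # This already excludes "/", "..", spaces and shell metacharacters.
    printf '%s' "$name" | grep -Eq '^[A-Za-z0-9_][A-Za-z0-9._-]{0,63}$' || return 1

    # Canonicalize both sides and require containment. The regex cannot see a
    # symlink that lives inside EXPORT_DIR but points elsewhere; realpath
    # resolves it and the case pattern then rejects the escape.
    base="$(realpath -m -- "$EXPORT_DIR")" || return 1
    target="$(realpath -m -- "$EXPORT_DIR/$name")" || return 1
    case "$target" in
        "$base"/*) printf '%s\n' "$target" ;;
        *) return 1 ;;
    esac
}

# Usage in an export script: every write goes through the check and a
# rejection aborts instead of falling back to some default location.
#   out="$(safe_export_path "$1")" || { echo "refusing unsafe export name" >&2; exit 1; }
#   cp plan.json "$out"
```

The regex alone is not sufficient: `escape` is a perfectly valid name, so only the realpath step notices that it resolves to /etc. Keep both checks, and treat a non-zero return as fatal rather than substituting a default path.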

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may run many local scripts from a package whose source is not clearly identified in the registry.

Why it was flagged

The package is a large bundle with many executable scripts but no formal install spec or provenance URL in the registry metadata.

Skill content
Source: unknown
Homepage: none
Install specifications: No install spec — this is an instruction-only skill
Code file presence: 65 code file(s)
Recommendation

Install only the subskills you need, review each setup prompt and script first, and prefer a known source or checksum-backed distribution.
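What "checksum-backed distribution" and "review each script first" amount to in practice, as an added shell example (not part of the NormieClaw bundle or of the ClawScan tooling): the archive's digest must appear in a SHA256SUMS file and match before anything is unpacked, and the member list is checked for absolute paths and `..` components so that extraction cannot write outside the target directory. The file layout, the function names and the use of GNU sha256sum are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the NormieClaw bundle. Shows what "prefer a
# checksum-backed distribution" and "review before installing" look like for a
# skill tarball. Assumes GNU coreutils (sha256sum, cut) and a tar that
# supports -t/-z. Function names and file layout are this example's own.

# verify_bundle ARCHIVE SUMFILE
# Succeeds only if SUMFILE contains a SHA-256 line for ARCHIVE's basename and
# the digest matches. Plain "sha256sum -c" is not enough on its own: it reports
# success when the archive simply is not listed, so the entry is required.
verify_bundle() {
    archive="$1"; sumfile="$2"
    [ -r "$archive" ] && [ -r "$sumfile" ] || return 1
    target="$(basename -- "$archive")"
    expected=""
    while read -r hex fname || [ -n "$hex" ]; do
        fname="${fname#\*}"                   # tolerate the "binary mode" marker
        [ "$fname" = "$target" ] && expected="$hex"
    done < "$sumfile"
    [ "${#expected}" -eq 64 ] || return 1     # not listed or malformed: refuse
    actual="$(sha256sum -- "$archive" | cut -c1-64)"
    [ "$expected" = "$actual" ]
}

# check_members   (reads member names from stdin, one per line)
# Rejects absolute paths and any ".." component, the "tar-slip" pattern that
# would let an archive drop files outside the install directory.
check_members() {
    while read -r m || [ -n "$m" ]; do
        case "$m" in
            /*|..|../*|*/..|*/../*) return 1 ;;
        esac
    done
    return 0
}

# review_bundle ARCHIVE SUMFILE
# Gate both checks and print the member list for the human review the
# recommendation asks for. Nothing is extracted here.
review_bundle() {
    verify_bundle "$1" "$2" || { echo "digest missing or mismatched: $1" >&2; return 1; }
    tar -tzf "$1" | check_members || { echo "unsafe member path in: $1" >&2; return 1; }
    tar -tzf "$1"
}
```

The SHA256SUMS file has to come from a channel you trust independently of the archive; a digest fetched from the same unknown source only proves the download was not corrupted in transit, not that the bundle is what the registry page claims.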

What this means

The agent can modify files in the workspace during setup.

Why it was flagged

The setup flow asks the user's agent to run shell commands that copy files, create directories, and set permissions. This is disclosed and purpose-aligned setup behavior, not hidden execution.

Skill content
I need you to install the Budget Buddy Pro skill. Run these commands exactly:
Recommendation

Run setup commands only in a trusted workspace after reviewing them, and avoid pasting setup blocks you do not understand.
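A setup routine of the kind this finding describes, written as an added example rather than taken from Budget Buddy Pro's own setup block: it copies the skill into the skills directory under umask 077, normalizes directories to 700 and files to 600 (restoring the owner execute bit only on shell scripts), refuses to overwrite an existing install, and ends with an audit that fails if any group- or other-accessible entry remains. SKILLS_ROOT, the function names and the GNU find/stat options are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the bundle's own setup script. Shows the permission
# hardening the overview attributes to scripts such as
# health-buddy-pro/scripts/health-buddy-init.sh: umask 077 while creating
# files, 700 on directories, 600 on files, then an audit that fails if any
# group/other bit survived. SKILLS_ROOT and the function names are this
# example's own; assumes GNU find (-perm /mode) and GNU stat (-c).

SKILLS_ROOT="${SKILLS_ROOT:-$HOME/.openclaw/skills}"

# install_skill SRC_DIR NAME
# Copies SRC_DIR into $SKILLS_ROOT/NAME with owner-only permissions and creates
# the data/ directory the skill will write to. Refuses to overwrite an existing
# install so a re-run of the setup block cannot silently replace reviewed files.
install_skill() {
    src="$1"; name="$2"
    dest="$SKILLS_ROOT/$name"
    [ -d "$src" ] || return 1
    [ -e "$dest" ] && { echo "refusing: $dest already exists" >&2; return 1; }
    (
        umask 077                      # nothing created below is group/other accessible
        mkdir -p "$dest/data" || exit 1
        cp -R "$src/." "$dest/" || exit 1
        # cp applies the source mode (masked by umask); normalize explicitly so
        # the result does not depend on how the bundle was packaged.
        find "$dest" -type d -exec chmod 700 {} +
        find "$dest" -type f -exec chmod 600 {} +
        # Scripts the skill must execute get the owner execute bit back.
        find "$dest" -type f -name '*.sh' -exec chmod 700 {} +
    )
}

# audit_perms DIR
# Returns 0 when every entry under DIR is owner-only; otherwise prints each
# offending path with its mode to stderr and returns 1.
audit_perms() {
    bad="$(find "$1" -perm /077 -exec stat -c '%a %n' {} +)"
    [ -z "$bad" ] || { printf '%s\n' "$bad" >&2; return 1; }
}

# Usage after a setup block has been reviewed:
#   install_skill ./budget-buddy-pro budget-buddy-pro && audit_perms "$SKILLS_ROOT/budget-buddy-pro"
```

Running the audit separately from the install is deliberate: it is the check to repeat after any later update, since a script that later recreates data/ without the umask, or an editor that saves a file as 644, would reopen the data directory to other local users.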

What this means

Bank statements, transactions, budgets, and savings goals may remain on disk after use.

Why it was flagged

The skill persists sensitive financial transaction data locally for future budgeting and reporting.

Skill content
Save parsed transactions to `data/transactions/YYYY-MM.json`
Recommendation

Use this only on a trusted device, enable full-disk encryption where possible, and periodically review or delete stored data you no longer need.

What this means

Running the command will permanently delete that skill's stored analysis data.

Why it was flagged

The static scan snippet shows a destructive deletion command, but it is scoped to the skill's own data directory and presented as a user-directed cleanup action.

Skill content
Run `rm -rf ~/.openclaw/skills/writing-coach-pro/data` to delete all stored analysis data
Recommendation

Run deletion commands only when you intend to remove that data; consider backing up anything important first.

What this means

Users could over-rely on the package's own security wording instead of reviewing what it does.

Why it was flagged

The artifact makes a security-verification claim, while the registry source is unknown and no external homepage is provided. This is not evidence of deception, but users should treat it as a self-attested claim unless independently verified.

Skill content
🛡️ **Codex Security Verified**
Recommendation

Treat security claims as informational unless backed by an independent audit or trusted distribution source.