Auto Skill Scanner

Pass

Audited by ClawScan on May 10, 2026.

Overview

The skill’s behavior matches its advertised security-scanning purpose, but it will create recurring OpenClaw cron jobs and send scan summaries to automatically discovered channels.

This skill appears purpose-aligned for automated security monitoring. Before installing, confirm that you want daily recurring scans, that all active messaging channels are safe places for security reports, and that you know how to review or remove the created OpenClaw cron jobs.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

After first activation, the scanner can keep running automatically and sending reports until the cron jobs are removed.

Why it was flagged

The script creates recurring OpenClaw cron jobs that continue running daily after activation. This persistence is disclosed in SKILL.md and is purpose-aligned with daily monitoring.

Skill content

'openclaw', 'cron', 'add', '--every', '24h', '--session', 'isolated', '--message', f'Run Auto Skill Scanner. Execute: python3 {script_path}'

Recommendation

Install only if you want ongoing daily monitoring, and review or remove the created OpenClaw cron jobs when you no longer need the scanner.

What this means

Security summaries, including installed skill names and issue categories, may be sent to every discovered active channel.

Why it was flagged

The skill discovers active delivery channels from OpenClaw session configuration and later uses them as report destinations.

Skill content

sessions_file = Path.home() / '.openclaw' / 'agents' / 'main' / 'sessions' / 'sessions.json' ... entry = {'channel': channel, 'to': to}

Recommendation

Make sure your active Telegram/Feishu/OpenClaw channels are appropriate for receiving security reports, especially if any are shared or public.

What this means

The skill may fail or behave differently if Python or the OpenClaw CLI is unavailable, even though the registry requirements do not list them.

Why it was flagged

The script depends on the local openclaw CLI, while the registry metadata declares no required binaries or install spec. This is a visibility/packaging note, not evidence of malicious behavior.

Skill content

result = subprocess.run(['openclaw', 'cron', 'list'], capture_output=True, text=True, timeout=10)

Recommendation

Verify Python 3 and the OpenClaw CLI are present before relying on the scanner.