Destructive delete command
Warn
- Finding
- Documentation contains a destructive delete command without an explicit confirmation gate.
Hudl AI Openclaw Model Switch
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed model-switching helper that edits OpenClaw's local model configuration and restarts the agent, with no evidence of hidden exfiltration or unrelated behavior.
Install this only if you want the agent to be able to change its active hudl model and restart OpenClaw after model-switch requests. Review the selected model, especially ambiguous or potentially expensive aliases, protect your OpenClaw config/API key, and run the README install commands only from a trusted source.
Static analysis
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
What this means
A model switch request can persistently change which LLM the agent uses and briefly interrupt the service during restart.
Why it was flagged
The skill intentionally invokes local shell scripts to modify the OpenClaw model config and then restart the agent.
Skill content
Run: `bash <skill_dir>/scripts/switch-model.sh <hudl-model-id>` ... Run: `openclaw restart`
Recommendation
Use it only for intentional model changes, check the chosen target model before switching, and keep a backup of the OpenClaw config if rollback matters.
What this means
The skill depends on local provider credentials being present, although the provided script only checks for the key and does not echo it.
Why it was flagged
The validation script reads the hudl provider API key field from the local OpenClaw config to confirm that credentials are configured.
Skill content
API_KEY=$(jq -r '.models.providers.hudl.apiKey // empty' "$CONFIG")
Recommendation
Protect the OpenClaw config file, use an appropriately scoped GRU key, and verify future changes do not log or transmit the API key.
What this means
Users who follow the fallback install prompt run external installation commands and replace the existing local copy of this skill.
Why it was flagged
The install documentation includes user-directed global CLI installation, cloning from GitHub, and replacing the skill's local directory.
Skill content
`npm i -g clawhub` ... `git clone https://github.com/huddle01/openclaw-skills.git` ... `rm -rf ~/.openclaw/skills/hudl-model-switch`
Recommendation
Install only from a trusted source, review the commands before running them, and treat the fallback GitHub/npm path as a manual setup option rather than an automatic requirement.