Skill v1.1.0

ClawScan security

configure OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 31, 2026, 3:06 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill’s requested actions, files, and network accesses are consistent with its stated purpose (safely reading and patching ~/.openclaw/openclaw.json); it does not request unrelated credentials or installs.
Guidance
This skill is coherent for editing OpenClaw configuration: it will read your ~/.openclaw/openclaw.json, validate fields (fetching docs from docs.openclaw.ai if needed), and prepare a minimal JSON5 patch which it will only write after you confirm. Before installing or invoking it: (1) confirm you trust the source (homepage is unknown), (2) review any proposed patch carefully before confirming, (3) avoid asking it to print the entire config (which may contain secret refs), and (4) be aware it may run local CLI commands like `openclaw doctor --fix` to repair startup issues — only allow that if you expect the tool to run such commands.

Review Dimensions

Purpose & Capability
ok: The name/description (configure OpenClaw) matches the instructions: read the local OpenClaw config, validate, propose minimal JSON5 patches, fetch live docs when needed, and apply changes after user confirmation. Nothing requested (no env vars, no installs) is unrelated to editing configuration.
Instruction Scope
note: Instructions explicitly read ~/.openclaw/openclaw.json and may run the local CLI (e.g., openclaw doctor / --fix) for diagnostics — both are reasonable for a configuration tool. The skill cautions not to output the full config unless requested and to never write without confirmation. Note: reading the config can expose secrets embedded there; the skill does not request them but may surface them if the user asks to display full config.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — lowest-risk install model. No downloads or external packages are introduced.
Credentials
ok: The skill declares no required environment variables or credentials. SKILL.md describes the config schema (including how secret refs work) but does not demand unrelated secrets. Network fetches are limited to the documented OpenClaw docs URLs for validation.
Persistence & Privilege
ok: No always:true, no system-wide configuration changes beyond editing the agent's own OpenClaw config with explicit user confirmation. The skill does reference running CLI repair commands, which is within the scope of configuring OpenClaw.